Tag Archives: breach

MoviePass security lapse exposed customer card numbers

Mossab Hussein, a security researcher at Dubai-based cybersecurity firm SpiderSilk, found an exposed database on one of the company’s many subdomains. The database was massive, containing 161 million records at the time of writing and growing in real time. Many of the records were normal computer-generated logging messages used to ensure the running of the service — but many also included sensitive user information, such as MoviePass customer card numbers. – Zack Whittaker, TechCrunch » https://tcrn.ch/31YoeiH

12,000 Social Media Influencers, Mostly Women, Exposed by Marketing Firm Data Breach

UpGuard’s researchers discovered the database in early January and were able to quickly linked it to the Octoly, a French company which maintains a virtual office based in Manhattan. Octoly’s Amazon server was publicly accessible, meaning virtually anyone could view its contents without a password. Securing the data proved challenging. Compared to most companies whose sensitive data has been unearthed in this way, Octoly was strikingly slow to respond. – Dell Cameron, Gizmodo http://gizmo.do/RofBd82

Data leak exposed millions of Time Warner Cable customers

MacKeeper developer Kromtech has discovered that BroadSoft, a frequent partner to service providers, was storing over 4 million Time Warner Cable customer records on Amazon cloud servers without a password. The records, which stemmed from the MyTWC mobile app, date as far back as November 2010 — years before Charter bought TWC. The information included email addresses, user names, financial transactions (though there’s no indication of credit card data) and billing addresses. There was even closed-circuit camera footage from BroadSoft’s Indian offices, as if to rub salt in the wound. – Jon Fingas, Engadget http://ift.tt/2x2HzDX