Month: April 2019

Researcher Sanyam Jain at GDI foundation discovered 8 unsecured databases, exposing approximately 60 million records of LinkedIn users.

Most of the data is publicly available on LinkedIn, so this isn’t a LinkedIn breach per se.

Records included LinkedIn public profile information, including IDs, profile URLs, work history, education history, location, listed skills, other social profiles, and the last time the profile was updated. Emails that were used for the initial account registration on LinkedIn, despite having privacy to be not available to the public, was also included.

The databases were appearing each day on a different IP address.

In total, 229 GB of data was leaked.

Read more about it here.

A ransomware attack knocked the Weather Channel off the air for at least 90 minutes on April 18, 2019. The broadcaster confirmed via Twitter that the incident was the result of “a malicious software attack on the network.” The Weather Channel was well prepared. IT staff were able to restore normal operations using backups.

Federal law enforcement are investigating the incident.

Read more about it here.

UpGuard, an Australian cybersecurity startup company, discovered two datasets stored on unprotected Amazon cloud servers.

“One, originating from the Mexico-based media company Cultura Colectiva, weighs in at 146 gigabytes and contains over 540 million records detailing comments, likes, reactions, account names, FB IDs and more… A separate backup from a Facebook-integrated app titled “At the Pool” was also found exposed to the public internet via an Amazon S3 bucket.” It contains information about users’ friends, likes, groups, and checked-in locations, as well as names, plaintext passwords for “At the Pool” accounts, and email addresses for 22,000 people.

Both datasets were stored in unsecured Amazon S3 buckets, that were secured on April 3, 2019 after Bloomberg notified Facebook, who worked with Amazon to secure them.

Read more about it here.