Data Breach at Slickwraps exposes more than 857,000 customer accounts
Slickwraps, a company developing customized vinyl skins for mobile phones, has suffered a data breach, exposing personal information of over 857,000 customers. Interestingly the systems were not breached by the hacker by discovering any vulnerability, but by reading through a post in Medium, where a fellow anonymous hacker had publicly disclosed the vulnerability. According to the announcement made by Slickwrap, passwords and financial information were not exposed through this breach.
Canadian Government Data Breach
According to a report by Canadian Broadcasting Corp,. data breaches at Canadian government agencies exposed sensitive details of around 144,000 citizens over a two-year period. The breach came into light through a 800-page report published in January, containing details on all the agencies that got breaches in the past two years. The agencies including national defense, healthcare, postal service, immigration, failed to inform about the breach after accidentally exposing citizens’ data, despite it being mandatory to report a breach as per the Personal Information Protection and Electronic Documents Act (PIPEDA). Human error is considered to be the primary reason for the data exposure.
Details of 10.6 million MGM Resorts guests posted online
According to ZDNet reports, personal information of over 10.6 million guests at MGM Resorts has been posted in an underground forum. The exposed details include full name, address, email address, phone number and date of birth. MGM was hit by a data breach in 2019 when one its server hosting customer information was accessed by a hacker. The cause of the breach is still unknown.
Data of all 6.5 Million Israeli voters leaked
A coding flaw in an application used by Israel’s current ruling party has exposed the names, addresses and ID card number of Israel’s 6,453,255 citizens. The flaw was exposed by simply right clicking in the web application and selecting “View Source” option, which displays the HTML code of the website. The code had a file path to get “admin users” which further revealed a list of usernames and passwords, through which the entire voting registry got exposed.
*** This is a Security Bloggers Network syndicated blog from CipherCloud authored by CipherCloud. Read the original post at: https://www.ciphercloud.com/a-round-up-of-data-breaches-in-february-2020/