#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

database leaked | Breaking Cybersecurity News | The Hacker News

App Used by Israel's Ruling Party Leaked Personal Data of All 6.5 Million Voters

App Used by Israel's Ruling Party Leaked Personal Data of All 6.5 Million Voters

Feb 11, 2020
An election campaigning website operated by Likud―the ruling political party of Israeli Prime Minister Benjamin Netanyahu―inadvertently exposed personal information of all 6.5 million eligible Israeli voters on the Internet, just three weeks before the country is going to have a legislative election. In Israel, all political parties receive personal details of voters before the election, which they can't share with any third party and are responsible for protecting the privacy of their citizens and erasing it after the elections are over. Reportedly, Likud shared the entire voter registry with Feed-b, a software development company, who then uploaded it a website (elector.co.il) designed to promote the voting management app called 'Elector.' According to Ran Bar-Zik , a web security researcher who disclosed the issue, the voters' data was not leaked using any security vulnerability in the Elector app; instead, the incident occurred due to negligence by the softw
Over 202 Million Chinese Job Seekers' Details Exposed On the Internet

Over 202 Million Chinese Job Seekers' Details Exposed On the Internet

Jan 10, 2019
Cybersecurity researcher has discovered online a massive database containing records of more than 202 million Chinese citizens that remained accessible to anyone on the Internet without authentication until last week. The unprotected 854.8 gigabytes of the database was stored in an instance of MongoDB, a NoSQL high performance and cross-platform document-oriented database, hosted by an American server hosting company. In total, the database contained 202,730,434 records about job candidates from China, including candidates' personal information such as their full name, date of birth, phone number, email address, marriage status, and driver's license information, along with their professional experience and job expectations. Bob Diachenko, director of cyber risk research at Hacken.io and bug bounty platform HackenProof, discovered the existence of database two weeks ago, which had been secured shortly after his notification on Twitter. However, it is worth noting that &
How to Find and Fix Risky Sharing in Google Drive

How to Find and Fix Risky Sharing in Google Drive

Mar 06, 2024Data Security / Cloud Security
Every Google Workspace administrator knows how quickly Google Drive becomes a messy sprawl of loosely shared confidential information. This isn't anyone's fault; it's inevitable as your productivity suite is purposefully designed to enable real-time collaboration – both internally and externally.  For Security & Risk Management teams, the untenable risk of any Google Drive footprint lies in the toxic combinations of sensitive data, excessive permissions, and improper sharing. However, it can be challenging to differentiate between typical business practices and potential risks without fully understanding the context and intent.  Material Security, a company renowned for its innovative method of protecting sensitive data within employee mailboxes, has recently launched  Data Protection for Google Drive  to safeguard the sprawl of confidential information scattered throughout Google Drive with a powerful discovery and remediation toolkit. How Material Security helps organ
Real Identity of Hacker Who Sold LinkedIn, Dropbox Databases Revealed

Real Identity of Hacker Who Sold LinkedIn, Dropbox Databases Revealed

Nov 21, 2018
The real identity of Tessa88—the notorious hacker tied to several high-profile cyber attacks including the LinkedIn , DropBox and MySpace mega breaches—has been revealed as Maksim Vladimirovich Donakov (Максим Владимирович Донаков), a resident of Penza, Russian Federation. In early 2016, a hacker with pseudonym Tessa88 emerged online offering stolen databases from some of the biggest social media websites in the world, including LinkedIn, MySpace, VKontakte (vk.com), Dropbox, Rambler , and Twitter , for sale in various underground hacking forums. The stolen data, taken years ago from several social media sites, included more than half a billion username and password combinations, which were then used in phishing, account takeover, and other cyber attacks. Though Tessa88's profile was active for a few months between February and May 2016, the OPSEC analysis revealed that the same person was involved in various cybercriminal activities since as early as 2012 under different
cyber security

Uncover Critical Gaps in 7 Core Areas of Your Cybersecurity Program

websiteArmor PointCyber Security / Assessment
Turn potential vulnerabilities into strengths. Start evaluating your defenses today. Download the Checklist.
Over 43 Million Weebly Accounts Hacked; Foursquare Also Hit By Data Breach

Over 43 Million Weebly Accounts Hacked; Foursquare Also Hit By Data Breach

Oct 20, 2016
2016 is the year of data breaches that has made almost every major companies victims to the cyber attacks, resulting in compromise of over billion of online users accounts. Weebly and Foursquare are the latest victims of the massive data breach, joining the list of "Mega-Breaches" revealed in recent months, including LinkedIn , MySpace , VK.com , Tumblr , Dropbox , and the biggest one -- Yahoo . Details for over 43 Million users have been stolen from the San Francisco-based website building service Weebly, according to breach notification site LeakedSource, who had already indexed a copy of the stolen data that it received from an anonymous source. In addition, LeakedSource posted details of the cyber attack in its blog post on Thursday explaining what happened. The attack believed to have been carried out in February 2016. "Unlike nearly every other hack, the Co-founder and CTO of Weebly Chris Fanini fortunately did not have his head buried deeply in the san
Insider Breach: T-Mobile Czech Employee Steals and Sells 1.5 Million Users Data

Insider Breach: T-Mobile Czech Employee Steals and Sells 1.5 Million Users Data

Jun 20, 2016
T-Mobile is the latest in the list of recent high-profile data breaches, though this time the breach is not carried out by "Peace" - the Russian hacker who was behind the massive breaches in some popular social media sites including LinkedIn , MySpace , Tumblr , and VK.com . Instead, one of the T-Mobile's employees stole more than 1.5 Million customer records at the T-Mobile Czech Republic in order to sell it on for a profit, according to local media , MF DNES. Yes, the customer service staff member tried to sell the T-Mobile customer marketing database, though it is not clear that how much of names, e-mail addresses, account numbers and other personal data of over 1.5 Million customers the database contained. The T-Mobile Czech Republic has also refused to provide any "additional specific information" about what data was leaked, due to an ongoing police investigation. Although the company assured its customers that the stolen database did not contai
Adult Friend Finder... Hacked & 3.5 Million Users' Database Leaked Online

Adult Friend Finder... Hacked & 3.5 Million Users' Database Leaked Online

May 22, 2015
Until now, hackers have targeted companies and websites that hold your credit card details or medical information, but now they are showing interest in your sex life instead. You heard it right. Adult Friend Finder , a casual dating website with the tagline "hookup, find sex or meet someone hot now", has suffered a massive data breach. Nearly 4 Million users of AdultFriendFinder have had their personal details, including email addresses, usernames, dates of birth, postcodes and IP addresses, exposed on the dark web for sale online. The Channel 4 news site broke the story on Thursday and warned users of the California-based dating site with 64 million members who want to have sex and one night stands with strangers. Nearly 4 Million Sex Life Exposed!!! The leaked data also includes the information on whether the users are gay or straight and even which ones might be seeking extramarital affairs. This data could be goldmines for hacker trying to blackma
Researcher Publishes 10 Million Usernames and Passwords from Data Breaches

Researcher Publishes 10 Million Usernames and Passwords from Data Breaches

Feb 10, 2015
A security researcher has publicly released a set of 10 Million usernames and passwords, which he collected from multiple data breaches over the last decade for the purpose of his research. These 10 million usernames and passwords are collective of leaked database dumps those were already available publicly on the Internet. However, Mark Burnett, a well-known security consultant who has developed a specialty collecting and researching passwords leaked online, marked his decision to publish the password dump as legally risky, but necessary to help security researchers. WHY IS THE RESEARCHER WILLING TO SHARE PASSWORDS ? The researcher says the released set of passwords and usernames is like a sample data, which is important for other researchers to analyze and provide great insight into user behavior and is valuable for encouraging password security . Also, the researcher was frequently receiving lots of requests from students and other security researchers to submit a copy
Thousands of Mozilla Developers Emails and Password Exposed Accidentally

Thousands of Mozilla Developers Emails and Password Exposed Accidentally

Aug 04, 2014
Mozilla on Friday notified users of its Mozilla Developer Network (MDN) that the company has accidentally exposed the e-mail addresses and cryptographically protected passwords of thousands of Mozilla developers. The email addresses of over 76,000 members of its Developer Network, along with 4000 "salted" passwords were disclosed through a database glitch that may have been exploited by hackers, Mozilla officials warned Friday. The database glitch caused due to a data " sanitization " process failure, that was lasted for a month beginning on June 23, which inadvertently published the records of members of the MDN and left on a publicly accessible server for around a month until one of the outfit's web developers discovered their presence on a server accessible to the general public around a couple of weeks back, according to a blog post . " As soon as we learned of it, the database dump file was removed from the server immediately, and the process that ge
Anonymous Hackers dumps 600k Emails from most popular Israeli web portal

Anonymous Hackers dumps 600k Emails from most popular Israeli web portal

Feb 18, 2013
As part of  Operation Israel ( #OpIsrael )  Anonymous Hackers once again strike on Israeli infrastructure by dumping the 600,000 emails and passwords from one of the most popular Israeli web portal ' Walla ', which is know for providing news, search and e-mail system, among other things. Anonymous Activist knows ' AnonSabre ' dumped email addresses, password MD5 hashes and salts across 95 Pastebin posts containing this sensitive information have been published over the course of 24 hours. Walla also confirmed that the list was posted online, but they said that the information leaked by Hacker is Useless because the password posted by hacker is in Encrypted form.  I think, they are not aware about fastest MD5 cracker ' oclhashcat ' or other cloud based cracking services, anyway they also said," However, we are working on 'hermetically' sealing off user details in Walla! accounts, ". The #OpIsrael campaign was announced last December, a
Cybersecurity Resources