Category Archives: Bob Diachenko

US Phone Service Exposes Millions of Messages Between Inmates and Their Friends and Families

Posted on by

Telmate, a company that facilitates monitored inmate communications with the outside world, has exposed a large database containing tens of millions of call logs, private messages, and personal information about inmates and their contacts. Bob Diachenk… Continue reading US Phone Service Exposes Millions of Messages Between Inmates and Their Friends and Families

309 million Facebook users’ phone numbers (and more) found online

Posted on by

First, 267m records were exposed & sold for 0.0002 cents each on the Dark Web. It was taken down but got reposted with yet more records. Continue reading 309 million Facebook users’ phone numbers (and more) found online

Data-Enriched Profiles on 1.2B People Exposed in Gigantic Leak

Posted on by

Although the data was legitimately scraped by legally operating firms, the security and privacy implications are numerous. Continue reading Data-Enriched Profiles on 1.2B People Exposed in Gigantic Leak

Millions of records about Middle Eastern drivers left in an insecure database

Posted on by

Records containing sensitive information on perhaps millions of Iranian drivers was left unsecured in a publicly available database for days, according to security research published Thursday. More than 6.7 million records from 2017 and 2018 were estimated to be exposed in a database discovered by researcher Bob Diachenko. Information included drivers’ first and last names, their Iranian ID numbers stored in plain text, their phone numbers, and other data such as invoice information. The data is now secured, Diachenko told CyberScoop. The actual number of people affected in the breach is likely less than 6.7 million, Diachenko explained, because the database contains multiple files referring to the same people. While the origin of the data remains unclear, Diachenko suggested it may have been stolen from the Iranian ride-hailing companies Snapp and/or TAP30. “[W]e can only guess if this data was part of their infrastructure,” he wrote in a post published Thursday. […]

The post Millions of records about Middle Eastern drivers left in an insecure database appeared first on CyberScoop.

Continue reading Millions of records about Middle Eastern drivers left in an insecure database

‘Gold mine’ of customer loan, tax and other records exposed on open server

Posted on by

A massive store of data that includes loan agreements, payment schedules tax documents and other financial records was openly accessible on a public server until recently, according to security researcher Bob Diachenko and TechCrunch. The data, totaling about 24 million records, was being stored in an unsecured server by Ascension Data and Analytics, a company that sells various technical services to the financial industry, according to Diachenko. The researcher said he worked with TechCrunch reporter Zack Whittaker to track the data to Ascension. Diachenko wrote in a blog post published Wednesday that he notified Ascension after making the discovery on Jan. 10, and that the data was secured by Jan. 15. The report says the 51 gigabytes’ worth of data on the server consisted of individual pages of documents that were submitted by financial institutions for optical character recognition – the conversion of handwriting text into machine-readable text. Some of the documents dated as far back as 2008. Some, not all, […]

The post ‘Gold mine’ of customer loan, tax and other records exposed on open server appeared first on CyberScoop.

Continue reading ‘Gold mine’ of customer loan, tax and other records exposed on open server