Category Archives: vpnMentor

Spotify Users Hit with Rash of Account Takeovers

Posted on November 23, 2020 by Tara Seals

Users of the music streaming service were targeted by attackers using credential-stuffing approaches. Continue reading Spotify Users Hit with Rash of Account Takeovers→

Good Heavens! 10M Impacted in Pray.com Data Exposure

Posted on November 20, 2020 by Tara Seals

The information exposed in a public cloud bucket included PII, church-donation information, photos and users’ contact lists. Continue reading Good Heavens! 10M Impacted in Pray.com Data Exposure→

Pharma Giant Pfizer Leaks Customer Prescription Info, Call Transcripts

Posted on October 20, 2020 by Tara Seals

Hundreds of medical patients taking cancer drugs, Premarin, Lyrica and more are now vulnerable to phishing, malware and identity fraud. Continue reading Pharma Giant Pfizer Leaks Customer Prescription Info, Call Transcripts→

Cloud Leak Exposes 320M Dating-Site Records

Posted on September 14, 2020 by Tara Seals

A misconfigured, Mailfire-owned Elasticsearch server impacted 70 dating and e-commerce sites, exposing PII and details such as romantic preferences. Continue reading Cloud Leak Exposes 320M Dating-Site Records→

Private photos leaked by PhotoSquared’s unsecured cloud storage

Posted on February 19, 2020 by Lisa Vaas

With no password required and no encryption in place, a burglar or ID thief could have seen your photos, your address and more. Continue reading Private photos leaked by PhotoSquared’s unsecured cloud storage→

Sensitive plastic surgery images exposed online

Posted on February 18, 2020 by Danny Bradbury

Researchers at VPN advisory company vpnMentor have found yet another online data exposure caused by a misconfigured cloud database. Continue reading Sensitive plastic surgery images exposed online→

Data about inmates and jail staff spilled by leaky prison app

Posted on February 12, 2020 by Lisa Vaas

A web-mapping project came across detainees’ prescriptions and other PII that could be used by identity thieves to victimize prisoners. Continue reading Data about inmates and jail staff spilled by leaky prison app→

Insecure Database Exposes Millions of Private SMS Messages

Posted on December 2, 2019 by Elizabeth Montalbano

Researchers discovered an unprotected TrueDialog database hosted by Microsoft Azure with diverse and business-related data from tens of millions of users. Continue reading Insecure Database Exposes Millions of Private SMS Messages→

Leaky database spills data on 20 million Ecuadorians and businesses

Posted on September 18, 2019 by Lisa Vaas

Included are deep details on 7 million minors, one grownup named Julian Assange, and perhaps a few million deceased Ecuadorians. Continue reading Leaky database spills data on 20 million Ecuadorians and businesses→

Leaky database full of fake Groupon emails turns out to belong to crooks

Posted on September 13, 2019 by Lisa Vaas

Crooks made bogus accounts to buy tickets with fake credit cards, resold them to unsuspecting buyers, and left the database-o-fraud wide open. Continue reading Leaky database full of fake Groupon emails turns out to belong to crooks→