Latest Database news

Memory leak in IBM DB2 gives access to sensitive data, causes DoS

A memory leak vulnerability in IBM Db2 relational database could allow an attacker to gain access to sensitive data or cause a denial-of-service (DoS) condition in the database.
- Ionut Ilascu
- August 20, 2020
- 08:11 AM
- 0
Havenly discloses data breach after 1.3M accounts leaked online

Havenly, a US-based interior design web site, has disclosed a data breach after a hacker posted a database containing 1.3 million user records for free on a hacker forum.
- Lawrence Abrams
- August 02, 2020
- 12:59 PM
- 1
Promo.com discloses data breach after 22M user records leaked online

Promo.com, an Israeli-based marketing video creation site, has disclosed a data breach after a database containing 22 million user records was leaked for free on a hacker forum.
- Lawrence Abrams
- July 27, 2020
- 07:18 PM
- 0
Dave data breach affects 7.5 million users, leaked on hacker forum

Overdraft protection and cash advance service Dave has suffered a data breach after a database containing 7.5 million user records was sold in an auction and then released later for free on hacker forums.
- Lawrence Abrams
- July 26, 2020
- 04:56 PM
- 2
New ‘Meow’ attack has deleted almost 4,000 unsecured databases

Dozens of unsecured databases exposed on the public web are the target of an automated 'meow' attack that wipes data without any explanation.
- Ionut Ilascu
- July 25, 2020
- 09:07 PM
- 3
Exposed Frost & Sullivan databases for sale on hacking forum

U.S. business consulting firm Frost & Sullivan was breached after data from an unsecured backup folder exposed on the Internet was sold on a hacker forum.
- Lawrence Abrams
- June 24, 2020
- 07:30 AM
- 0
Hackers are quick to notice exposed Elasticsearch servers

Bad guys find unprotected Elasticsearch servers exposed on the web faster than search engines can index them. A study found that threat actors are mainly going for cryptocurrency mining and credential theft.
- Ionut Ilascu
- June 12, 2020
- 03:27 AM
- 0
ZEE5 allegedly hacked by 'Korean hackers', customer info at risk

A hacker identifying themselves as "John Wick" and "Korean Hackers" claim to have breached the systems for Indian media giant ZEE5 and are threatening to sell the database on criminal markets.
- Ax Sharma
- June 06, 2020
- 02:19 PM
- 0
Patch SAP Adaptive Server Enterprise now to avoid takeover risk

Organizations using SAP Adaptive Server Enterprise (ASE) should immediately update the product to the latest version as researchers today have detailed the nature of critical vulnerabilities.
- Ionut Ilascu
- June 03, 2020
- 10:33 AM
- 0
Hacker extorts online shops, sells databases if ransom not paid

More than two dozen SQL databases stolen from online shops in various countries are being offered for sale on a public website. In total, the seller provides over 1.5 million rows of records but the damage is likely much larger.
- Ionut Ilascu
- May 25, 2020
- 12:47 PM
- 0
CAM4 adult cam site exposes 11 million emails, private chats

Adult live streaming website CAM4 exposed over 7TB of personally identifiable information (PII) of members and users, stored within more than 10.88 billion database records.
- Sergiu Gatlan
- May 04, 2020
- 12:34 PM
- 0
Hacker sells 91 million Tokopedia accounts, cracked passwords shared

A hacker is selling a database containing the information of 91 million Tokopedia accounts on a dark web market for as little as $5,000. Other threat actors have already started to crack passwords and share them online.
- Lawrence Abrams
- May 03, 2020
- 01:59 PM
- 1
French daily Le Figaro database exposes users’ personal info

French daily newspaper Le Figaro exposed roughly 7.4 billion records containing personally identifiable information (PII) of reporters and employees, as well as of at least 42,000 users.
- Sergiu Gatlan
- May 01, 2020
- 11:08 AM
- 0
Rogers Data Breach Exposed Customer Info in Unsecured Database

Canadian ISP Rogers Communications has begun to notify customers of a data breach that exposed their personal information due to an unsecured database.
- Lawrence Abrams
- March 19, 2020
- 06:31 PM
- 0
Virgin Media Data Breach Exposes Info of 900,000 Customers

Virgin Media announced today that the personal information of roughly 900,000 of its customers was accessed without permission on at least one occasion because of a misconfigured and unsecured marketing database.
- Sergiu Gatlan
- March 05, 2020
- 04:35 PM
- 0
Plastic Surgery Patient Photos, Info Exposed by Leaky Database

Hundreds of thousands of documents with plastic surgery patients' personal information and highly sensitive photos were exposed online by an improperly secured Amazon Web Services (AWS) S3 bucket.
- Sergiu Gatlan
- February 14, 2020
- 12:45 PM
- 0
Wyze Exposes User Data via Unsecured ElasticSearch Cluster

Smart home tech maker Wyze Labs confirmed that the user data of over 2.4 million of its users were exposed by an unsecured database connected to an Elasticsearch cluster for over three weeks, from December 4 to December 26.
- Sergiu Gatlan
- December 29, 2019
- 01:07 PM
- 1
7.5 Million Records of Adobe Creative Cloud User Data Exposed

Adobe secured a database with 7.5 million records belonging to Adobe Creative Cloud users. The cache was not protected in any way, allowing anyone access to client information if they knew how to find it.
- Ionut Ilascu
- October 25, 2019
- 03:13 PM
- 0
Leafly Cannabis Website Leaked User Info via Exposed Database

Cannabis information platform Leafly sent notification emails to some of its customers letting them know that some of their information was exposed in a data leak incident.
- Sergiu Gatlan
- October 11, 2019
- 11:31 AM
- 0
Ransom Note Replaces 2.1M Customer Records on Open MongoDB

Hackers on the prowl for unsecured databases found a publicly accessible MongoDB instance and replaced the almost 1.2 million sensitive records it stored with a ransom note.
- Ionut Ilascu
- August 02, 2019
- 11:34 AM
- 0