Inadvertant Data Breaches

•

0 likes•962 views

We've outlined some notable instances of misconfigured databases in this document (this is by no means an exhaustive list, but it does give an idea of the magnitude of the problem). To learn more about data exposure risks and data leakage detection, visit https://www.digitalshadows.com/data-leakage-detection/.

Technology

Timeline of Inadvertant
Data Breaches
2
0
1
7
June ‘17. Pentagon files exposed. Source: AWS S3.
July ‘17. 2.2 million Dow Jones records exposed. Source: AWS S3.
Sep ‘17. 4.4 million records from Time Warner exposed. Source: AWS S3.
Sep ‘17. Accenture Cloud exposed. Source: AWS S3.
Feb ‘18. FedEx customer identification records exposed. Source: AWS S3.
May ‘18. 3 million records from Californian Non Profit exposed. Source: AWS S3.
Aug ‘18. 445 million records from Veeam exposed. Source: MongoDB.
Aug ‘18. Thousands of records of GoDaddy configuration exposed. Source:
AWS S3.
Sep ‘18. 11 million exposed records from Californian email marketing.
Source: MongoDB.
Jan ‘19. 200 million records exposed by Hacken.io. Source: MongoDB.
Feb ‘19. 2.565 million records of Uighurs exposed. Source: MongoDB.
March ‘19. 364 million records of from Chinese Police Tracking.
Source: MongoDB.
April ‘19. 188 million Pipl.com & LexisNexis records. Source: MongoDB.
June ‘19. Undisclosed # records Attunity (Qlik). Source: AWS S3.
July ‘19. 90 million records from Jiangsu Provincial Public Security Dept.
Source: ElasticSearch.
April ‘19. 12.5 million Indian State medical records. Source: MongoDB.
April ‘19. 540 million ‘At the Pool’ records. Source: AWS S3.
June ‘19. 5 million MedicareSupplement.com records. Source: MongoDB.
July ‘19. 14.3 million Chilean Voting Records from 2017 election.
Source: ElasticSearch.
July ‘19. 44,000 Credit Farr and Chqbook. Source: ElasticSearch.
July ‘19. 8 million lines of code AavGo. Source: ElasticSearch.
July ‘19. Data on 70% citizens from Bulgarian National Revenue Agency
exposed. Source: ElasticSearch.
Sep ‘19. 2.5 million Canadian retail customer details exposed.
Source: ElasticSearch.
Aug ‘19. 27.8 million Suprema records exposed. Source: ElasticSearch.
Aug ‘19. 37k Australian medical trial records exposed. Source: MongoDB.
Sep ‘19. 198 Million car-buyer records exposed. Source: ElasticSearch.
Sep ‘19. PII of 20 million Ecuadoreans exposed. Source: ElasticSearch.
June ‘19. 300,000 Medico Inc records. Source: AWS S3.
June ‘19. 40GB of Honda data. Source: ElasticSearch.
March ‘19. 238,000 records from Family Locator exposed. Source: MongoDB.
March ‘19. 60,000 records from EmCare exposed. Source: ElasticSearch.
Jan ‘19. 108 million bets exposed by online casino. Source: ElasticSearch.
Nov ‘18. 300,000 records exposed by Urban Massage. Source: ElasticSearch.
Nov ‘18. 25.9 million records from Data & Leads Inc exposed.
Source: ElasticSearch.
June ‘17. RNC voter data exposed. Source: AWS S3.
July ‘17. 3 million WWE records exposed. Source: AWS S3.
2
0
1
9
2
0
1
8

More from Digital Shadows

A recent indictment revealed how the GRU (Russia’s Military Intelligence agency) used both influence operations and network intrusions to achieve its policy aims. More precisely, the GRU weaponized the use of the network intrusions in its influence operations. We have used the MITRE ATT&CK framework as our methodology to play back the findings of the indictment. In doing so, we aim to provide key lessons organizations can take away from this indictment.

Mitre ATT&CK and the Mueller GRU Indictment: Lessons for Organizations

Digital Shadows

MITRE ATT&CK and 2017 FSB Indictment

Digital Shadows

Mitre ATTACK and the North Korean Regime-Backed Programmer

Digital Shadows

Digital Shadows and Demisto Enterprise Integration Datasheet

Digital Shadows

Digital Shadows and Palo Alto Networks Integration Datasheet

Digital Shadows

Data Sources - Digital Shadows

Digital Shadows

Energy and Utilities Firm Increases Productivity by Reducing False Positives

Digital Shadows

Digital Shadows Client Feedback

Digital Shadows

Managed Takedown Service - Digital Shadows

Digital Shadows

Source Code and Admin Password Shared on Public Site by Developer

Digital Shadows

Phishing Site Detected and Taken Down

Digital Shadows

Mobile Application Detected Impersonating Company Brand

Digital Shadows

Ecommerce Retailer Uncovers Coupon Fraud Scheme

Digital Shadows

Digital Shadows Helps Large Retailer Navigate Extortion Attempt

Digital Shadows

Contractor Exposed Manufacturer's Sensitive Data

Digital Shadows

Configuration File of Trojan Targets Organization

Digital Shadows

Company Named on Target List for Hacktivist Campaign

Digital Shadows

Inglorious Threat Intelligence by Rick Holland

Digital Shadows

More from Digital Shadows (18)

Mitre ATT&CK and the Mueller GRU Indictment: Lessons for Organizations

MITRE ATT&CK and 2017 FSB Indictment

Mitre ATTACK and the North Korean Regime-Backed Programmer

Digital Shadows and Demisto Enterprise Integration Datasheet

Digital Shadows and Palo Alto Networks Integration Datasheet

Data Sources - Digital Shadows

Energy and Utilities Firm Increases Productivity by Reducing False Positives

Digital Shadows Client Feedback

Managed Takedown Service - Digital Shadows

Source Code and Admin Password Shared on Public Site by Developer

Phishing Site Detected and Taken Down

Mobile Application Detected Impersonating Company Brand

Ecommerce Retailer Uncovers Coupon Fraud Scheme

Digital Shadows Helps Large Retailer Navigate Extortion Attempt

Contractor Exposed Manufacturer's Sensitive Data

Configuration File of Trojan Targets Organization

Company Named on Target List for Hacktivist Campaign

Inglorious Threat Intelligence by Rick Holland

Recently uploaded

DBX First Quarter 2024 Investor Presentation

Dropbox

Boost Fertility New Invention Ups Success Rates.pdf

sudhanshuwaghmare1

Angeliki Cooney has spent over twenty years at the forefront of the life sciences industry, working out of Wynantskill, NY. She is highly regarded for her dedication to advancing the development and accessibility of innovative treatments for chronic diseases, rare disorders, and cancer. Her professional journey has centered on strategic consulting for biopharmaceutical companies, facilitating digital transformation, enhancing omnichannel engagement, and refining strategic commercial practices. Angeliki's innovative contributions include pioneering several software-as-a-service (SaaS) products for the life sciences sector, earning her three patents. As the Senior Vice President of Life Sciences at Avenga, Angeliki orchestrated the firm's strategic entry into the U.S. market. Avenga, a renowned digital engineering and consulting firm, partners with significant entities in the pharmaceutical and biotechnology fields. Her leadership was instrumental in expanding Avenga's client base and establishing its presence in the competitive U.S. market.

Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...

Angeliki Cooney

Three things you will take away from the session: • How to run an effective tenant-to-tenant migration • Best practices for before, during, and after migration • Tips for using migration as a springboard to prepare for Copilot in Microsoft 365 Main ideas: Migration Overview: The presentation covers the current reality of cross-tenant migrations, the triggers, phases, best practices, and benefits of a successful tenant migration Considerations: When considering a migration, it is important to consider the migration scope, performance, customization, flexibility, user-friendly interface, automation, monitoring, support, training, scalability, data integrity, data security, cost, and licensing structure Next Wave: The next wave of change includes the launch of Copilot, which requires businesses to be prepared for upcoming changes related to Copilot and the cloud, and to consolidate data and tighten governance ShareGate: ShareGate can help with pre-migration analysis, configurable migration tool, and automated, end-user driven collaborative governance

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff

sammart93

EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER

MadyBayot

Vector Search -An Introduction in Oracle Database 23ai.pptx

Remote DBA Services

Passkeys: Developing APIs to enable passwordless authentication Cody Salas, Sr Developer Advocate | Solutions Architect - Yubico Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...

apidays

CNIC Information System with Pakdata Cf In Pakistan

danishmna97

Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows. We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases. This video focuses on the deployment of external web forms using Jotform for Bonterra Impact Management. This solution can be customized to your organization’s needs and deployed to support the common use cases below: - Intake and consent - Assessments - Surveys - Applications - Program registration Interested in deploying web form automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.

Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...

Jeffrey Haguewood

AWS Community Day CPH - Three problems of Terraform

Andrey Devyatkin

💥 You’re lucky! We’ve found two different (lead) developers that are willing to share their valuable lessons learned about using UiPath Document Understanding! Based on recent implementations in appealing use cases at Partou and SPIE. Don’t expect fancy videos or slide decks, but real and practical experiences that will help you with your own implementations. 📕 Topics that will be addressed: • Training the ML-model by humans: do or don't? • Rule-based versus AI extractors • Tips for finding use cases • How to start 👨‍🏫👨‍💻 Speakers: o Dion Morskieft, RPA Product Owner @Partou o Jack Klein-Schiphorst, Automation Developer @Tacstone Technology

DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam

UiPathCommunity

ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke

Product Anonymous

Understanding the FAA Part 107 License ..

Christopher Logan Kennedy

Webinar Recording: https://www.panagenda.com/webinars/why-teams-call-analytics-is-critical-to-your-entire-business Nothing is as frustrating and noticeable as being in an important call and being unable to see or hear the other person. Not surprising then, that issues with Teams calls are among the most common problems users call their helpdesk for. Having in depth insight into everything relevant going on at the user’s device, local network, ISP and Microsoft itself during the call is crucial for good Microsoft Teams Call quality support. To ensure a quick and adequate solution and to ensure your users get the most out of their Microsoft 365. But did you know that ‘bad calls’ are also an excellent indicator of other problems arising? Precisely because it is so noticeable!? Like the canary in the mine, bad calls can be early indicators of problems. Problems that might otherwise not have been noticed for a while but can have a big impact on productivity and satisfaction. Join this session by Christoph Adler to learn how true Microsoft Teams call quality analytics helped other organizations troubleshoot bad calls and identify and fix problems that impacted Teams calls or the use of Microsoft365 in general. See what it can do to keep your users happy and productive! In this session we will cover - Why CQD data alone is not enough to troubleshoot call problems - The importance of attributing call problems to the right call participant - What call quality analytics can do to help you quickly find, fix-, and prevent problems - Why having retrospective detailed insights matters - Real life examples of how others have used Microsoft Teams call quality monitoring to problem shoot problems with their ISP, network, device health and more.

Why Teams call analytics are critical to your entire business

panagenda

Whatsapp Number Escorts Call girls 8617370543 Available 24x7 Mcleodganj Call Girls Service Offer Genuine VIP Model Escorts Call Girls in Your Budget. Mcleodganj Call Girls Service Provide Real Call Girls Number. Make Your Sexual Pleasure Memorable with Our Mcleodganj Call Girls at Affordable Price. Top VIP Escorts Call Girls, High Profile Independent Escorts Call Girls, Housewife Women Escorts Call Girl, College Girls Escorts Call Girls, Russian Escorts Call girls Service in Your Budget.

Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model

Deepika Singh

The value of a flexible API Management solution for Open Banking Steve Melan, Manager for IT Innovation and Architecture - State's and Saving's Bank of Luxembourg Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - The value of a flexible API Management solution for O...

apidays

Six Myths about Ontologies: The Basics of Formal Ontology

johnbeverley2021

Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving

Edi Saputra

💉💊+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHABI}}+971581248768 +971581248768 Mtp-Kit (500MG) Prices » Dubai [(+971581248768**)] Abortion Pills For Sale In Dubai, UAE, Mifepristone and Misoprostol Tablets Available In Dubai, UAE CONTACT DR.Maya Whatsapp +971581248768 We Have Abortion Pills / Cytotec Tablets /Mifegest Kit Available in Dubai, Sharjah, Abudhabi, Ajman, Alain, Fujairah, Ras Al Khaimah, Umm Al Quwain, UAE, Buy cytotec in Dubai +971581248768''''Abortion Pills near me DUBAI | ABU DHABI|UAE. Price of Misoprostol, Cytotec” +971581248768' Dr.DEEM ''BUY ABORTION PILLS MIFEGEST KIT, MISOPROTONE, CYTOTEC PILLS IN DUBAI, ABU DHABI,UAE'' Contact me now via What's App…… abortion Pills Cytotec also available Oman Qatar Doha Saudi Arabia Bahrain Above all, Cytotec Abortion Pills are Available In Dubai / UAE, you will be very happy to do abortion in Dubai we are providing cytotec 200mg abortion pill in Dubai, UAE. Medication abortion offers an alternative to Surgical Abortion for women in the early weeks of pregnancy. We only offer abortion pills from 1 week-6 Months. We then advise you to use surgery if its beyond 6 months. Our Abu Dhabi, Ajman, Al Ain, Dubai, Fujairah, Ras Al Khaimah (RAK), Sharjah, Umm Al Quwain (UAQ) United Arab Emirates Abortion Clinic provides the safest and most advanced techniques for providing non-surgical, medical and surgical abortion methods for early through late second trimester, including the Abortion By Pill Procedure (RU 486, Mifeprex, Mifepristone, early options French Abortion Pill), Tamoxifen, Methotrexate and Cytotec (Misoprostol). The Abu Dhabi, United Arab Emirates Abortion Clinic performs Same Day Abortion Procedure using medications that are taken on the first day of the office visit and will cause the abortion to occur generally within 4 to 6 hours (as early as 30 minutes) for patients who are 3 to 12 weeks pregnant. When Mifepristone and Misoprostol are used, 50% of patients complete in 4 to 6 hours; 75% to 80% in 12 hours; and 90% in 24 hours. We use a regimen that allows for completion without the need for surgery 99% of the time. All advanced second trimester and late term pregnancies at our Tampa clinic (17 to 24 weeks or greater) can be completed within 24 hours or less 99% of the time without the need surgery. The procedure is completed with minimal to no complications. Our Women's Health Center located in Abu Dhabi, United Arab Emirates, uses the latest medications for medical abortions (RU-486, Mifeprex, Mifegyne, Mifepristone, early options French abortion pill), Methotrexate and Cytotec (Misoprostol). The safety standards of our Abu Dhabi, United Arab Emirates Abortion Doctors remain unparalleled. They consistently maintain the lowest complication rates throughout the nation. Our Physicians and staff are always available to answer questions and care for women in one of the most difficult times in their lives. The decision to have an abortion at the Abortion Cl

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...

?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@

Effective data discovery is crucial for maintaining compliance and mitigating risks in today's rapidly evolving privacy landscape. However, traditional manual approaches often struggle to keep pace with the growing volume and complexity of data. Join us for an insightful webinar where industry leaders from TrustArc and Privya will share their expertise on leveraging AI-powered solutions to revolutionize data discovery. You'll learn how to: - Effortlessly maintain a comprehensive, up-to-date data inventory - Harness code scanning insights to gain complete visibility into data flows leveraging the advantages of code scanning over DB scanning - Simplify compliance by leveraging Privya's integration with TrustArc - Implement proven strategies to mitigate third-party risks Our panel of experts will discuss real-world case studies and share practical strategies for overcoming common data discovery challenges. They'll also explore the latest trends and innovations in AI-driven data management, and how these technologies can help organizations stay ahead of the curve in an ever-changing privacy landscape.

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery

TrustArc

Recently uploaded (20)

DBX First Quarter 2024 Investor Presentation

Boost Fertility New Invention Ups Success Rates.pdf

Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff

EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER

Vector Search -An Introduction in Oracle Database 23ai.pptx

Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...

CNIC Information System with Pakdata Cf In Pakistan

Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...

AWS Community Day CPH - Three problems of Terraform

DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam

ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke

Understanding the FAA Part 107 License ..

Why Teams call analytics are critical to your entire business

Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model

Apidays New York 2024 - The value of a flexible API Management solution for O...

Six Myths about Ontologies: The Basics of Formal Ontology

Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery

Inadvertant Data Breaches

1. Timeline of Inadvertant Data Breaches 2 0 1 7 June ‘17. Pentagon files exposed. Source: AWS S3. July ‘17. 2.2 million Dow Jones records exposed. Source: AWS S3. Sep ‘17. 4.4 million records from Time Warner exposed. Source: AWS S3. Sep ‘17. Accenture Cloud exposed. Source: AWS S3. Feb ‘18. FedEx customer identification records exposed. Source: AWS S3. May ‘18. 3 million records from Californian Non Profit exposed. Source: AWS S3. Aug ‘18. 445 million records from Veeam exposed. Source: MongoDB. Aug ‘18. Thousands of records of GoDaddy configuration exposed. Source: AWS S3. Sep ‘18. 11 million exposed records from Californian email marketing. Source: MongoDB. Jan ‘19. 200 million records exposed by Hacken.io. Source: MongoDB. Feb ‘19. 2.565 million records of Uighurs exposed. Source: MongoDB. March ‘19. 364 million records of from Chinese Police Tracking. Source: MongoDB. April ‘19. 188 million Pipl.com & LexisNexis records. Source: MongoDB. June ‘19. Undisclosed # records Attunity (Qlik). Source: AWS S3. July ‘19. 90 million records from Jiangsu Provincial Public Security Dept. Source: ElasticSearch. April ‘19. 12.5 million Indian State medical records. Source: MongoDB. April ‘19. 540 million ‘At the Pool’ records. Source: AWS S3. June ‘19. 5 million MedicareSupplement.com records. Source: MongoDB. July ‘19. 14.3 million Chilean Voting Records from 2017 election. Source: ElasticSearch. July ‘19. 44,000 Credit Farr and Chqbook. Source: ElasticSearch. July ‘19. 8 million lines of code AavGo. Source: ElasticSearch. July ‘19. Data on 70% citizens from Bulgarian National Revenue Agency exposed. Source: ElasticSearch. Sep ‘19. 2.5 million Canadian retail customer details exposed. Source: ElasticSearch. Aug ‘19. 27.8 million Suprema records exposed. Source: ElasticSearch. Aug ‘19. 37k Australian medical trial records exposed. Source: MongoDB. Sep ‘19. 198 Million car-buyer records exposed. Source: ElasticSearch. Sep ‘19. PII of 20 million Ecuadoreans exposed. Source: ElasticSearch. June ‘19. 300,000 Medico Inc records. Source: AWS S3. June ‘19. 40GB of Honda data. Source: ElasticSearch. March ‘19. 238,000 records from Family Locator exposed. Source: MongoDB. March ‘19. 60,000 records from EmCare exposed. Source: ElasticSearch. Jan ‘19. 108 million bets exposed by online casino. Source: ElasticSearch. Nov ‘18. 300,000 records exposed by Urban Massage. Source: ElasticSearch. Nov ‘18. 25.9 million records from Data & Leads Inc exposed. Source: ElasticSearch. June ‘17. RNC voter data exposed. Source: AWS S3. July ‘17. 3 million WWE records exposed. Source: AWS S3. 2 0 1 9 2 0 1 8

Inadvertant Data Breaches

Recommended

Recommended

More Related Content

More from Digital Shadows

More from Digital Shadows (18)

Recently uploaded

Recently uploaded (20)

Inadvertant Data Breaches