Daily Archives: September 4, 2017

Data Breach Exposes Thousands of Job Seeker CVs Citing Top Secret Government Work

Posted on by
Reply

Thousands of files containing the personal information and expertise of Americans with classified and up to Top Secret security clearances have been exposed by an unsecured Amazon server, potentially for most of the year.
[…]
Thousands of files containing the personal information and expertise of Americans with classified and up to Top Secret security clearances have been exposed by an unsecured Amazon server, potentially for most of the year.

The files have been traced back to TigerSwan, a North Carolina-based private security firm. But in a statement on Saturday, TigerSwan implicated TalentPen, a third-party vendor apparently used by the firm to process new job applicants.
[…]
Found on an insecure Amazon S3 bucket without the protection of a password, the cache of roughly 9,400 documents reveal extraordinary details about thousands of individuals who were formerly and may be currently employed by the US Department of Defense and within the US intelligence community.

Other documents reveal sensitive and personal details about Iraqi and Afghan nationals who have cooperated and worked alongside US military forces in their home countries, according to the security firm who discovered and reviewed the documents. Between 15 and 20 applicants reportedly meet this criteria.
[…]
Many of the files are timestamped and indicate that they were uploaded to the server in mid-February. Gizmodo has yet to confirm for how long the data was left publicly accessible, information only accessible to Amazon and the server’s owner.

“A cursory examination of some of the exposed resumes indicates not merely the varied and elite caliber of many of the applicants as experienced intelligence and military figures, but sensitive, identifying personal details,” UpGuard said in a statement.

Source: Data Breach Exposes Thousands of Job Seekers Citing Top Secret Government Work [Updated]

Facebook has mapped populations in 23 countries as it explores satellites to expand internet – it knows where you live!

Posted on by
Reply

Facebook doesn’t only know what its 2 billion users “Like.”

It now knows where millions of humans live, everywhere on Earth, to within 15 feet.

The company has created a data map of the human population by combining government census numbers with information it’s obtained from space satellites, according to Janna Lewis, Facebook’s head of strategic innovation partnerships and sourcing. A Facebook representative later told CNBC that this map currently covers 23 countries, up from 20 countries mentioned in this blog post from February 2016.

The mapping technology, which Facebook says it developed itself, can pinpoint any man-made structures in any country on Earth to a resolution of five meters.

Facebook is using the data to understand the precise distribution of humans around the planet.

That will help the company determine what types of internet service — based either on land, in the air or in space — it can use to reach consumers who now have no (or very low quality) internet connections.

Source: Facebook has mapped populations in 23 countries as it explores satellites to expand internet

Whilst an impressive feat, it’s pretty damn scary big brother wise!

Millions of Time Warner Cable Customer Records Exposed in Third-Party Data Leak

Posted on by
Reply

Roughly four million records containing the personal details of Time Warner Cable (TWC) customers were discovered stored on an Amazon server without a password late last month.

The files, more than 600GB in size, were discovered on August 24 by the Kromtech Security Center while its researchers were investigating an unrelated data breach at World Wrestling Entertainment. Two Amazon S3 buckets were eventually found and linked to BroadSoft, a global communications company that partners with service providers, including AT&T and TWC.
[…]
he leaked data included usernames, emails addresses, MAC addresses, device serial numbers, and financial transaction information
[…]
Other databases revealed billing addresses, phone numbers, and other contact info for at least hundreds of thousands of TWC subscribers. The servers also contained a slew of internal company records, including SQL database dumps, internal emails, and code containing the credentials to an unknown number of external systems..
[…]
CCTV footage, presumably of BroadSoft’s workers in Bengaluru, India—where the breach is believed to have originated—was also discovered on the Amazon bucket.

Source: Millions of Time Warner Cable Customer Records Exposed in Third-Party Data Leak

Ouch!