On February 14th I discovered a non-password protected database that contained a massive amount of records totaling 146 million. Upon […]

On February 14th I discovered a non-password protected database that contained a massive amount of records totaling 146 million. Upon […]
The Institute of International Education (IIE), a US nonprofit that focuses on foreign exchange study and scholarship, exposed a database […]
On January 30th I discovered a non-password protected database that contained a massive amount of records totaling 440,336,852. Upon further review […]
Email marketing is big business and many companies rely on emails to keep in contact with their customers or potential […]
In October 2019 I discovered a database that contained 186,000 sales records and 40.4 million visitor IP addresses. From October […]
Two data incidents just months apart from each other. Back in February 2019 I found a database that belonged to […]
Religious website service Clover Sites exposed customer data for at least 6-7 months and the dataset was found twice on […]
There is a growing trend among organizations and companies to simply deny that live production data is real. As a […]
Way back in March, 2019 Security Discovery’s Bob Diachenko discovered a non-password protected database that contained 18,000 user names, mailing […]
On September 5th I discovered a non-password protected database that contained 1 folder named “Customers”. Every file contained references to […]
On August 19th I reported a non-password protected database that contained a massive 413GB of data and a total of […]
Online fundraising is a growing industry that has raised many billions of dollars for worthy causes from around the street […]
On July 30th I discovered an open database that contained 18,667 records including names, account numbers, transaction details, user credentials, […]
FamilaFacil, a Madrid-based home and family job search platform, has exposed its MongoDB database with details on their users and […]
In another Elasticsearch misconfiguration incident Credia.ge, a Tbilisi-based (Georgia) agency, exposed personal and loan information for thousands of its customers. […]
On August 4th I discovered an open and unprotected MongoDB database which appeared to be part of a Spanish company […]
On July 26th discovered a non password protected elastic data set that contained 5.2 million documents in total. Immediately, I […]
A database belonging to online voting system provider Everyone Counts has been exposed, leaving what appears to be “randomized and […]
On May 29th I discovered a database that contained what appeared to be a member list. Like most database names […]
On May 26th, I discovered a non-password protected database that contained what appeared to be millions of financial transactions. Upon […]