Our team of ethical security research experts uncovers and discloses serious data leaks as part of a free community service we perform for the web at large.
Blog Posts
Report: Church Website Builder Leaves Clergy & Volunteer Data Vulnerable
Originally published on September 3th, 2019 Severity: High Type: ElasticSearch Database Size: 300mb accounting for 65,800 records Countries Affected: United States, Canada, multiple European countries, Caribbean nations, South Africa, Democratic Republic of Congo, Australia, New Zealand, etc. Our security research team at Website Planet has recently uncovered a...
Italian Insurer’s Data Breach Uncovered Sensitive Staff Documents
Italian Insurer’s Data Breach Uncovered Sensitive Staff Documents Vittoria Assicurazioni’s open buckets exposed hundreds of thousands of files containing sensitive company, staff, and course attendee data. Company name and location: Vittoria Assicurazioni, based in Italy Size (in GB and amount of records/files): Around 280GB, 970,000+ files Data Storage...
Nigerian Healthcare Agency Exposed Thousands of Applicants’ Personal Data
A Nigerian government healthcare agency’s unsecured buckets exposed thousands of applicants’ personal data Company name and location: PLASCHEMA (Plateau State Contributory Health Care Management Agency), based in Nigeria Size (in GB and amount of records/files): Around 45GB, totaling over 75,000 files Data Storage Format: AWS S3 bucket Countries...
US Constitutional Church Leaves Ministers’ Data Unsecured
American Marriage Ministries (AMM) exposed PII and sensitive data belonging to marriage officiants and married couples. Company name and location American Marriage Ministries (AMM), based in the US Size of the breach Almost 630 GB of data, over 715,000 files Data storage format AWS S3 bucket Countries affected The United States Exposed data...
Korean Loyalty Platform Exposed Around a Million Customers’ Personal Data
Dodo Point’s open Amazon bucket exposed at least 1 million customers’ PII and thousands of retail outlets’ sensitive data. Company name and location Dodo Point, operated by Yanolja Cloud, based in Seoul, South Korea Size (in GB and amount of files) Over 38 GB of data, around 73,000 files Data Storage Format Amazon AWS S3 bucket Countries...
Millions of Users’ Website Traffic Exposed in Data Breach
Company name and location: Unknown Size (in GB and amount of records): Around 359M records, 579.4 GB of data Data Storage Format: ElasticSearch Countries Affected: Worldwide The Website Planet research team discovered a critical data exposure affecting an organization using an open-source data analytics software that allows entities to gather...
Report: US Marketing Platform Exposed Millions of Leads’ Data
Company name and location: Beetle Eye, located in the USA Size (in GB and amount of records): 1+ GB of data, 6K files People affected: 7 Million (approx.) Data Storage Format: Amazon S3 bucket Countries Affected: Primarily USA The Website Planet research team uncovered a large data breach affecting the American marketing automation platform Beetle Eye. Beetle...
Report: Conferencing Service Exposes Private Customers’ Meetings
Company name and location: Civicom Inc., located in the USA Size (in GB and amount of records): 100,000+ files, over 8TB Data Storage Format: AWS S3 bucket Countries Affected: USA The Website Planet security team uncovered a data breach affecting the B2B conferencing service Civicom Inc. The US firm, which specializes in online video conferencing, left its...
Report: US Supply-Chain Platform Exposes Sensitive Data of Businesses
Company name and location: ePallet Inc., located in CA, USA Size (in GB and amount of files): Over 2.5 million files, totalling 600+ GB of data No. of Companies Affected: 100 to 200 businesses Data Storage Format: Amazon S3 bucket Country Affected: USA Intro The Website Planet research team identified a data exposure affecting the...
Report: US Logistics Company Exposes Fortune 500 Clients
Company name and location: D.W. Morgan, headquartered in the USA Size (in GB and amount of records): 100+ GB of data, over 2.5 million files Data Storage Format: AWS S3 bucket Countries Affected: Worldwide The Website Planet security team discovered a data breach affecting D.W. Morgan, a multinational supply chain management and logistics company based in the...
Report: French Estate Agency Leaks Thousands of Customer Files
Company name & location: GSI Immobilier, located in France Size (in GB and amount of records): 2 GB of data, 1342 records Data Storage Format: Microsoft Azure Blob Countries Affected: France & England The Website Planet research team can reveal a damaging data leak belonging to the French real estate agency, GSI Immobilier. GSI Immobilier is an Alpine...
Huge U.S. Supermarket Chain Exposes Sensitive Credentials
Company name and location: Wegmans, based in the USA Size (in GB and amount of records): 626 MB (No. of records unknown) Data Storage Format: Microsoft Azure Blob Countries Affected: USA (but only company technical data) The Website Planet research team has uncovered a data breach affecting the U.S. regional supermarket and eCommerce chain Wegmans. Wegmans is a...
Report: Multinational Logistics Company Exposed Customers’ in Data Breach
Company name and location: Bergen Logistics, located in the USA, Canada, Europe & Asia. Size: Less than 100 MB, exposing 467,979 records Data Storage Format: Elasticsearch Countries Affected: USA The Website Planet security team uncovered a data leak affecting Bergen Logistics, a rapidly-growing order fulfillment provider based...
Report: Indian Cloud Infrastructure Company Leaves Customer Data Exposed
Originally published on October 23th, 2019 Company: E2E Networks Hosting (formerly Spikecloud) Severity: High Type: ElasticSearch Database Size: 8GB, amounting to 21,682,731 records exposed Countries Affected: Primarily India Our security research team at Website Planet has discovered a large database breach on the severs of Cloud Infrastructure company E2E...
Report: US Shipping Management Software Exposed by Data Breach
Company name and location: Unknown Breach size: 4,361 files exposed (103 GB) Number of people exposed: 4,000+ Data Storage Format: AWS S3 Bucket Countries Affected: United States A US-based software company in the freight industry has been exposed in a 103GB data breach, affecting more than 4,000 people including the company’s employees, sales reps and people...