Our team of ethical security research experts uncovers and discloses serious data leaks as part of a free community service we perform for the web at large.
Blog Posts
A Comparative Analysis: Twitter vs. Threads in Terms of Interactions
In the ever-evolving landscape of social media, competition among platforms intensifies as users seek new and engaging experiences. In July 2023, a new player called "Threads" entered the scene, positioning itself as a text-based alternative to Instagram. As X’s newest competitor, Threads has gained significant attention and garnered millions of users within a short span of...
Italian Insurer’s Data Breach Uncovered Sensitive Staff Documents
Italian Insurer’s Data Breach Uncovered Sensitive Staff Documents Vittoria Assicurazioni’s open buckets exposed hundreds of thousands of files containing sensitive company, staff, and course attendee data. Company name and location: Vittoria Assicurazioni, based in Italy Size (in GB and amount of records/files): Around 280GB, 970,000+ files Data Storage...
Nigerian Healthcare Agency Exposed Thousands of Applicants’ Personal Data
A Nigerian government healthcare agency’s unsecured buckets exposed thousands of applicants’ personal data Company name and location: PLASCHEMA (Plateau State Contributory Health Care Management Agency), based in Nigeria Size (in GB and amount of records/files): Around 45GB, totaling over 75,000 files Data Storage Format: AWS S3 bucket Countries...
US Constitutional Church Leaves Ministers’ Data Unsecured
American Marriage Ministries (AMM) exposed PII and sensitive data belonging to marriage officiants and married couples. Company name and location American Marriage Ministries (AMM), based in the US Size of the breach Almost 630 GB of data, over 715,000 files Data storage format AWS S3 bucket Countries affected The United States Exposed data...
Korean Loyalty Platform Exposed Around a Million Customers’ Personal Data
Dodo Point’s open Amazon bucket exposed at least 1 million customers’ PII and thousands of retail outlets’ sensitive data. Company name and location Dodo Point, operated by Yanolja Cloud, based in Seoul, South Korea Size (in GB and amount of files) Over 38 GB of data, around 73,000 files Data Storage Format Amazon AWS S3 bucket Countries...
Millions of Users’ Website Traffic Exposed in Data Breach
Company name and location: Unknown Size (in GB and amount of records): Around 359M records, 579.4 GB of data Data Storage Format: ElasticSearch Countries Affected: Worldwide The Website Planet research team discovered a critical data exposure affecting an organization using an open-source data analytics software that allows entities to gather...
Report: US Marketing Platform Exposed Millions of Leads’ Data
Company name and location: Beetle Eye, located in the USA Size (in GB and amount of records): 1+ GB of data, 6K files People affected: 7 Million (approx.) Data Storage Format: Amazon S3 bucket Countries Affected: Primarily USA The Website Planet research team uncovered a large data breach affecting the American marketing automation platform Beetle Eye. Beetle...
Report: Conferencing Service Exposes Private Customers’ Meetings
Company name and location: Civicom Inc., located in the USA Size (in GB and amount of records): 100,000+ files, over 8TB Data Storage Format: AWS S3 bucket Countries Affected: USA The Website Planet security team uncovered a data breach affecting the B2B conferencing service Civicom Inc. The US firm, which specializes in online video conferencing, left its...
Report: US Supply-Chain Platform Exposes Sensitive Data of Businesses
Company name and location: ePallet Inc., located in CA, USA Size (in GB and amount of files): Over 2.5 million files, totalling 600+ GB of data No. of Companies Affected: 100 to 200 businesses Data Storage Format: Amazon S3 bucket Country Affected: USA Intro The Website Planet research team identified a data exposure affecting the...
Report: US Logistics Company Exposes Fortune 500 Clients
Company name and location: D.W. Morgan, headquartered in the USA Size (in GB and amount of records): 100+ GB of data, over 2.5 million files Data Storage Format: AWS S3 bucket Countries Affected: Worldwide The Website Planet security team discovered a data breach affecting D.W. Morgan, a multinational supply chain management and logistics company based in the...
Report: French Estate Agency Leaks Thousands of Customer Files
Company name & location: GSI Immobilier, located in France Size (in GB and amount of records): 2 GB of data, 1342 records Data Storage Format: Microsoft Azure Blob Countries Affected: France & England The Website Planet research team can reveal a damaging data leak belonging to the French real estate agency, GSI Immobilier. GSI Immobilier is an Alpine...
Huge U.S. Supermarket Chain Exposes Sensitive Credentials
Company name and location: Wegmans, based in the USA Size (in GB and amount of records): 626 MB (No. of records unknown) Data Storage Format: Microsoft Azure Blob Countries Affected: USA (but only company technical data) The Website Planet research team has uncovered a data breach affecting the U.S. regional supermarket and eCommerce chain Wegmans. Wegmans is a...
Report: Colombian Financial Credit Provider Leaks Customers Personal Information
Company name and location: Credinet.co / Sistecredito, based in Colombia Size: Around 100 MB of data, totaling 143,876 records Data Storage Format: Elasticsearch Countries Affected: Colombia The Website Planet research team can reveal a significant data leak affected Credinet, a credit platform owned by the Colombian financial company Sistecredito. Sistecredito...
Report: Multinational Logistics Company Exposed Customers’ in Data Breach
Company name and location: Bergen Logistics, located in the USA, Canada, Europe & Asia. Size: Less than 100 MB, exposing 467,979 records Data Storage Format: Elasticsearch Countries Affected: USA The Website Planet security team uncovered a data leak affecting Bergen Logistics, a rapidly-growing order fulfillment provider based...
Report: UK Recruitment Firm Leaked Sensitive Applicant Data
Company name and location: FastTrack Reflex Recruitment (now part of Team Resourcing Ltd.), based in the United Kingdom. Size: 5 GB of data leaked, with 21,000 exposed files. Data Storage Format: AWS S3 Bucket. Countries Affected:Primarily affected UK citizens, though some people were from Europe, Western Asia, and the US. The Website Planet research team...