Out of Pocket: How an ISP Exposed Administrative System Credentials

The UpGuard Cyber Risk team can now report that 73 gigabytes of downloadable data belonging to Washington-based internet service provider Pocket iNet was publicly exposed in a misconfigured Amazon S3 storage bucket. According to their ...

Overboard: How Tea Party Campaign Assets Were Exposed Online

The UpGuard Cyber Risk team can now disclose that call lists containing full names and phone numbers for over 527,000 individuals were publicly exposed in a misconfigured Amazon S3 bucket belonging to the Tea Party Patriots Citizens Fund ...

Public Option: How Medical Records and Patient-Doctor Recordings Were Exposed

The UpGuard Cyber Risk team can now disclose that detailed medical information for employees of 181 business locations, as well as personally identifiable information (PII) for nearly 3,000 individuals was publicly exposed in an unsecured ...

HR Violation: How a Corporate Data Exposure Can Affect Employees

The UpGuard Cyber Risk Research team has discovered and secured a data exposure containing medical information for hundreds of individuals and bank account numbers for several large Australian enterprises, preventing any future ...

Public Domain: How Configuration Information For the World's Largest Domain Name Registrar Was Exposed Online

The UpGuard Cyber Risk Team has discovered and secured a data exposure of documents appearing to describe GoDaddy infrastructure running in the Amazon AWS cloud, preventing any future exploitation of this information. The documents were ...

Short Circuit: How a Robotics Vendor Exposed Confidential Data for Major Manufacturing Companies

The UpGuard Cyber Risk team can now disclose that sensitive documents for over a hundred manufacturing companies were exposed on a publicly accessible server belonging to Level One Robotics, “an engineering service provider specialized in ...

LA Confidential: How Leaked Emergency Call Records Exposed LA County's Abuse & Crisis Victims

The UpGuard Cyber Risk Team can now disclose that sensitive data from the Los Angeles County 211 service, a nonprofit assistance organization described on their website as “the central source for providing information and referrals for all ...

Block Buster: How A Private Intelligence Platform Leaked 48 Million Personal Data Records

The UpGuard Cyber Risk Team can now confirm that a cloud storage repository containing information belonging to LocalBlox, a personal and business data search service, was left publicly accessible, exposing 48 million records of detailed ...

The AggregateIQ Files, Part Four: Northwest Passage

The UpGuard Cyber Risk Team’s discovery and analysis of an exposed data repository belonging to AggregateIQ (AIQ), a British Columbia-based data firm, has taken readers around the globe, implicating a number of high-profile political ...

The AggregateIQ Files, Part Three: A Monarch, A Peasant, and a Saga

In Part One of this series, “The AggregateIQ Files,” we explained how the UpGuard Cyber Risk Team’s discovery of a publicly downloadable data repository operated by British Columbia-based data firm AggregateIQ (AIQ) exposed technical tools ...

Learning Curve: How Personal Data for One Million Individuals Was Exposed

In an incident that calls to mind multiple data breaches in the analytics and influencing industries, the UpGuard Cyber Risk Team can now report that data relating to a number of subsidiaries of Kansas City holding company Blue Chair LLC, ...

The AggregateIQ Files, Part Two: The Brexit Connection

Our recent discovery and analysis of publicly downloadable code repositories originating from data analytics firm AggregateIQ has answered a few questions, but raised many more. In Part One of “The AggregateIQ Files,” we explained how the ...

The Aggregate IQ Files, Part One: How a Political Engineering Firm Exposed Their Code Base

The UpGuard Cyber Team’s latest discovery of a data leak, involving the exposed IT assets of a  data analytics firm based in British Columbia, Canada, presents significant questions for society about how technology can be used. In this ...

Health Risk: How a Medical Practice Exposed Details for 40,000 Patients

The UpGuard Cyber Risk Team can now confirm that a digital data repository containing records from a Long Island medical practice was left publicly accessible, revealing medical details and personally identifiable information for over ...

Cloud Burst: Software Delivery via Public Cloud Storage

(UPDATE 3/8/1018) After consultation with Capital One’s legal team and technical teams, UpGuard was informed that Capital One’s system security was not impacted by this matter, and UpGuard has therefore updated its post.

Double Indemnity: How An Insurer Exposed Its Customers

In a blow to consumer privacy that recalls previous breaches in the credit repair and marketing industries, the UpGuard Cyber Risk Team can now disclose that the Maryland Joint Insurance Association (JIA), a private-sector program ...

Bad Influence: How A Marketing Startup Exposed Thousands of Social Media Stars

In a striking illustration of how cyber risk affects even the newest and most novel enterprises in the digital economy, the UpGuard Cyber Risk Team can now disclose that a cloud repository belonging to Octoly, a Paris-based brand marketing ...

Home Economics: How Life in 123 Million American Households Was Exposed Online

In another blow to consumer privacy, the UpGuard Cyber Risk Team can now reveal that a cloud-based data repository containing data from Alteryx, a California-based data analytics firm, was left publicly exposed, revealing massive amounts ...

Credit Crunch: Detailed Financial Histories Exposed for Thousands

Coming only months after the revelation that the personal information of over 143 million Americans had been stolen from the systems of credit agency Equifax, the UpGuard Cyber Risk Team has discovered a new, damaging exposure from within ...

Black Box, Red Disk: How Top Secret NSA and Army Data Leaked Online

In the wake of a string of data exposures originating from Pentagon intelligence-gathering agencies, the most recent of which revealed the workings of a massive, worldwide social media surveillance program, the UpGuard Cyber Risk Team can ...
All posts