Data Breaches

An AWS S3 bucket configured for public access contained a file from 2010 with six million email addresses, apparently from the Democratic Senatorial Campaign Committee.

A company that matches individuals with clinical trials in Australia and New Zealand exposed personal information on over 37,000 people via a misconfigured MongoDB.

Thousands of files including medical, business, and legal data were exposed via a misconfigured AWS S3 storage bucket.

Backups ensure data continuity, but they're also a surface of risk. See how Fortune 100 vendor Attunity exposed nearly a terabyte of internal backups.

The UpGuard data breach research team discovered and secured leaks from IT services provider HCL, including new employee passwords.

Third-party Facebook apps gather Facebook data about the people who use them. While Facebook struggles to contain these exposures, insecure third-party data practices & misconfigured cloud systems continue to leak Facebook data to the internet. See how UpGuard discovered and secured two such cases.

Based on UpGuard's data breach research, the UK Parliament’s DCMS Committee prepared and published the final report detailing their 18 month investigation into online disinformation and the privacy practices of platforms such as Facebook. Read about the report, and the AggregateIQ breach discovery.

A storage server configured for public access exposed millions of files belonging to the Oklahoma Securities Commission.

UpGuard discovered and helped secure an Australian company's code repository containing SQL backups of employee information, banking data, and more.

Read how a misconfigured Amazon S3 bucket exposed strategy documents and voter call lists for the Tea Party Citizen's Fund.

The intersection of information technology and healthcare creates new and improved functionality for managing and delivering healthcare services, but it also entails new risks. See how one telemedicine company exposed thousands of medical records and hundreds of patient-doctor recordings online.

The UpGuard Cyber Risk Team has discovered and secured a data exposure of documents appearing to describe GoDaddy infrastructure running in the Amazon AWS cloud, preventing any future exploitation of this information.