Data Breaches

The UpGuard data breach research team discovered and secured leaks from IT services provider HCL, including new employee passwords.

Third-party Facebook apps gather Facebook data about the people who use them. While Facebook struggles to contain these exposures, insecure third-party data practices & misconfigured cloud systems continue to leak Facebook data to the internet. See how UpGuard discovered and secured two such cases.

Based on UpGuard's data breach research, the UK Parliament’s DCMS Committee prepared and published the final report detailing their 18 month investigation into online disinformation and the privacy practices of platforms such as Facebook. Read about the report, and the AggregateIQ breach discovery.

A storage server configured for public access exposed millions of files belonging to the Oklahoma Securities Commission.

ISPs do more than provide internet service for individual customers-- they can also act as part of US critical infrastructure. See how one ISP exposed their administrative and root passwords to the public.

Read how a misconfigured Amazon S3 bucket exposed strategy documents and voter call lists for the Tea Party Citizen's Fund.

The intersection of information technology and healthcare creates new and improved functionality for managing and delivering healthcare services, but it also entails new risks. See how one telemedicine company exposed thousands of medical records and hundreds of patient-doctor recordings online.

UpGuard discovered and helped secure an Australian company's code repository containing SQL backups of employee information, banking data, and more.

The UpGuard Cyber Risk Team has discovered and secured a data exposure of documents appearing to describe GoDaddy infrastructure running in the Amazon AWS cloud, preventing any future exploitation of this information.

Manufacturing companies rely on robotics automation to power their factories and ultimately, their businesses. See how one robotics vendor exposed confidential information for over 100 clients, including divisions of Toyota, Ford, GM, and Tesla.

Learn how 3.5 million records were exposed by Los Angeles County 211, including names, addresses, and call notes detailing reports of abuse and crisis.

Learn how over 48 million records containing personal data leaked from within the systems of a private intelligence search service.