photog.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A place for your photos and banter. Photog first is our motto. Please refer to the site rules before posting.


#dataleak


Found an exposed database with almost 2 million really sensitive records from an Adoption Center in the US.

The company quickly fixed the exposure after I contacted them but never bothered to reply back to any of my emails.

Read about what was exposed here: jltee.substack.com/p/us-adopti

The Hub of Stupi.. *misconfigs · US Adoption Center Gladney Leaks Millions of Records Related to Adoptions Publicly · By JayeLTee

Database for an internal chat with millions of chat messages and over 130,000 files with PII and PHI from the United States exposed publicly for over a month.

Contacted the company responsible for setting up the chat and one of their clients, a Mental Health Clinic, but no one replied back to me and just silently fixed the issue.

jltee.substack.com/p/internal-

The Hub of Stupi.. *misconfigs · Internal chat database for multiple US companies exposed publicly · By JayeLTee

#dataleak #infosec #GDPR
Some figures about the "recent" #twitter #dataleak

382 CSV files, 438 GB uncompressed.

94 twitter_users_extra_ZZZ.csv files which contain few things. 835 M lines.

288 twitter_users_NNN.csv files, 1.7 billion lines.
Few really personal data, only 9 million lines with an e-mail address (valid or not).

Some rare lines also include a description or a URL.

EDIT: sick CSV broke my first parser.

#dataleak #infosec #CNIL #RGPD
Some figures on the #twitter data leak that was talked about recently.

382 CSV files, 438 GB uncompressed.
94 twitter_users_extra_ZZZ.csv = 935 million lines of little interest

288 twitter_users_NNN.csv files, = 1.7 G lines.
Little truly personal data, only 9 million lines with an e-mail address, valid or not.

Some rare lines also include a description and/or a URL.

EDIT: weird CSVs parsed badly

🇺🇸 Direct Mail & Marketing Agency SequelDM was exposing their clients' files with private information on millions of people publicly for months.

After being ignored by SequelDM I got in contact with some of their clients and one of them reached out to the company who then asked me to reach out directly just to never reply to any of my emails either way 😂

jltee.substack.com/p/direct-ma

The Hub of Stupi.. *misconfigs · Direct Mail & Marketing Agency Exposes Data of Millions of People Publicly · By JayeLTee

🧵 …oh look, once again (see toot above) Twitter / X was leaked again. Well, this is not surprising.

»Twitter (X) Hit by Data Leak of 2.8 Billion Users; Allegedly an Insider Job
Massive Twitter (X) data breach exposes details of 2.8 billion users; alleged insider leak surfaces with no official response from the company.«

🍿 hackread.com/twitter-x-of-2-8-

X (Twitter) Largest Data Breach Ever? 2.8 Billion User Info Exposed
Hackread - Latest Cybersecurity, Tech, AI, Crypto & Hacking News · Twitter (X) Hit by 2.8 Billion Profile Data Leak in Alleged Insider Job

All-in-One platform leaks millions of attachments from their clients.

This server contained a bit of everything, from sensitive piercing selfies next to identity docs, to passports, CVs, insurance docs and more.

Read about it here: jltee.substack.com/p/all-in-on

The Hub of Stupi.. *misconfigs · All-in-One Platform GoHighLevel Exposed Attachments From Their Clients Publicly · By JayeLTee

I think #TrueNudists dot com, the fucking worst site ever, just had a #DataLeak

I have made multiple accounts there over the years, with some idea of trying to find anyone cool and/or spread anarcho-nudist propaganda

I have been receiving emails from different #Gmail accounts, all from "Jennifer", all addressing me as "Nudist" or "Somenudist", lol. I guess these are probably spoofed? Or do you think #Google is just that bad at keeping #spam off its servers?


I must admit before I started running /e/OS I was less aware of how bad so many apps were. The tracker section in the Advanced Privacy panel was an eye opener for me.

I've always had a preference for open source apps as far as it's been possible. These days I do try to avoid most apps which have a poor scoring on Exodus.

Unfortunately, there are apps I cannot be without where there is no real alternative (like various services needed in your daily life, car rental, public transport, building access, etc) ... And I know /e/OS is adding a good layer of protection.

I only hope the Advanced Privacy protection gets updated as new trackers are discovered and closes this potential data leak as quickly as it's possible to do.

And it really upsets me how greedy so many app makers are with regard to harvesting data from their users.

Thank you, @gael , for your efforts trying to make the digital world a better place to be.

🇺🇸 Dental software company Orthominds exposed publicly over 300 database backups with PII & PHI of over 200,000 patients.

Another issue I dealt with that serves as a reminder to all companies that train their employees to ignore any email that has "scary" links that you might just be setting yourself up for failure doing that.

jltee.substack.com/p/dental-so

The Hub of Stupi.. *misconfigs · Dental software company exposes 300 clinic database backups publicly · By JayeLTee