Security news aggregator

Latest coverage for Database

Stay informed on database security trends, breaches, and best practices in information security with our comprehensive news and updates.

35 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Databases store and organize data electronically, enabling efficient retrieval and management. They often hold sensitive information such as user credentials, financial records, or personal details, making them prime targets for attackers. Common database types include relational databases using structured query language (SQL) and NoSQL databases designed for unstructured data.

Security risks include SQL injection attacks that exploit improper input handling to manipulate or extract data, and misconfigured access controls that allow unauthorized users to view or alter information. Protecting databases involves strict authentication, role-based access controls, encryption of data at rest and in transit, and timely application of security patches to database software. Monitoring query logs and access patterns helps detect suspicious activity that could indicate compromise or insider threats.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 35 Filtered view

Investigators Found Months of Unchecked Database Scraping ActivitySouth Korea's privacy regulator fined Coupang a record 624.7 billion won after concluding that weak authentication controls, insider access abuse, evidence destruction and unauthorized data collection contributed to the exposure of personal information belonging to 33.7 million people.

Bank Info Security 2 months, 3 weeks ago

Health AI Firm Faces Lawsuits Over DNA Data Use, Disclosure

Complaints Allege Tempus AI Lacked Consent to Use, Share Data With Pharma Cos.A healthcare artificial intelligence firm that sells genetic information from an acquired database holding the results of millions of screening tests faces multiple putative class action lawsuits in Chicago federal court. Genetic data resists attempts to de-identify it, plaintiffs say.

Cybersecurity Startup Exposed Lilli Using a Flaw as Old as the WebSecurity startup CodeWall disclosed this week that its autonomous AI agent breached McKinsey's internal AI platform Lilli in two hours on Feb. 28, accessing tens of millions of messages and hundreds of thousands of files through a basic, years-old database flaw.

Bank Info Security 5 months, 1 week ago

Moltbook Gave Everyone Control of Every AI Agent

Database Misconfiguration Exposed 1.5 million API TokensA misconfigured database at Moltbook, the viral social network for AI agents, exposed 1.5 million API authentication tokens, 35,000 email addresses and private messages. Security researchers discovered unauthenticated read and write access to all platform data within days of launch.

Bank Info Security 7 months, 3 weeks ago

Data Leaks: Why Are We So Stupid About Free Online Services?

JSON Code 'Beautifiers' Expose Sensitive Data From Banks, Government AgenciesAt what price beauty? Apparently, some developers will paste anything into "JSON beautify" sites, from researchers report recovering authentication keys, database credentials, personally identifiable information for banking customers and much more.

DHS Plans to Expand SAVE Database Use Raise Privacy, Accuracy and Security ConcernsA Department of Homeland Security move to broaden an immigration verification database into a voter verification tool could expose sensitive information to security threats. Critics caution it accelerates a pattern of data being repurposed by the Trump administration for surveillance.

Bank Info Security 8 months, 2 weeks ago

Iranian Intel-Linked Cybersecurity School Hit by Data Breach

Ravin Academy Records Reveal Identities of More Than 1,000 ParticipantsA public database of internal records from Iran's Ravin Academy - a cyber school linked to the Ministry of Intelligence - has been published online, exposing potentially sensitive data on over 1,000 trainees, including individuals reportedly tied to Western institutions.

Bank Info Security 9 months, 3 weeks ago

150,000 Records of Home Health Care Firm Exposed on Web

Researcher Finds Database of Sensitive Patient Info With No Password ProtectionAn unencrypted database containing nearly 150,000 patient records of a California provider of home health and palliative care services was left exposed on the internet, said a cybersecurity researcher who discovered the unsecured data cache. Why does this keep happening in the healthcare sector?

Bank Info Security 10 months, 1 week ago

Medical Cannabis Firm Sued Over Health Data Exposure

Suits Filed After Researcher Found 1 Million Patient Records With No Password SetupAn Ohio firm that assists individuals in obtaining physician-certified medical marijuana cards is facing at least six proposed federal class action lawsuits so far involving the recent discovery by a security researcher of a database exposing nearly one million sensitive patient records on the web.

Bank Info Security 10 months, 3 weeks ago

Okta to Purchase Axiom Security to Bolster Privileged Access

Just-in-Time, Database, Kubernetes Access Fuel Privileged Access Startup M&ABy acquiring startup Axiom Security, Okta aims to enhance privileged access by offering broader coverage of sensitive assets like Kubernetes containers and databases. The company says the move accelerates value delivery and complements Okta's existing privileged access capabilities.

Bank Info Security 10 months, 3 weeks ago

Whistleblower: DOGE Made Live Copy of Social Security Data

Department of Government Efficiency Staffers Created 'Live Replica' of SSA DataThe Social Security Administration's chief data officer is warning in a whistleblower complaint that DOGE created a cloud replica of the Social Security database without proper authorization or oversight, potentially exposing the personal data of 300 million Americans.

Microsoft Urges Immediate Mitigation as State Actors Target SharePoint FlawHackers breached a sensitive database containing office locations and personal details of elected officials and staff in Canada's House of Commons. Hackers were able to "exploit a recent Microsoft vulnerability," according to an internal email sent to members and staff.

Bank Info Security 1 year, 2 months ago

Tracking Bugs: European Vulnerability Database Goes Live

EU Cybersecurity Agency-Run EUVD Tracks Mitigation Measures, Exploitation StatusEurope's new vulnerability-tracking service is now live. As mandated by the EU's NIS2 Directive, the European Vulnerability Database, or EUVD, is designed to be a one-stop shop for accessing aggregated, public information pertaining to known vulnerabilities in software and hardware.

Top Democrat Sounds Alarm Over Whistleblower Report of DOGE's Master DatabaseA top Democrat on the House Oversight Committee sounded the alarm after a whistleblower provided information to Congress warning that staffers for the Department of Government Efficiency violated federal data laws while building a "master database" of sensitive information across federal agencies.

Researcher Found Unsecured Database Server Containing 1,864 GB of OrthoMinds' DataAn orthodontic practice software vendor is notifying an undisclosed number of patients that their data was exposed to the internet for 10 days last November. The security researcher who discovered the data leak said the incident appears to have lasted longer and affected more than 200,000 patients.

Bank Info Security 1 year, 4 months ago

Clinical Trial Database Exposes 1.6M Records to Web

Researcher Says Firm Failed to Secure Sensitive Health Data From Survey FormsAn unsecured database containing 2 terabytes of data allegedly exposed more than 1.6 million clinical research records to the internet, including sensitive personal and medical information of patients, said the security researcher who discovered the lapse. Why does this keep happening?

Agency Calls Former Deadline to Clear Major Vulnerability Backlog Too 'Optimistic'The National Institute of Standards and Technology is still struggling with a backlog of over 19,000 security vulnerabilities in its National Vulnerability Database, according to a recent announcement, which acknowledged initial projections to clear the unassessed software flaws were too optimistic.

Bank Info Security 1 year, 8 months ago

Google AI Agent Finds Zero-Day in Popular Database Engine

Now-Fixed Flaw Is Big Sleep's First Real-World Bug Find, Say ResearchersGoogle's "highly experimental" artificial intelligence agent Big Sleep has autonomously discovered an exploitable memory flaw in popular open-source database engine SQLite. The researchers detail how the AI agent discovered the now-patched vulnerability.

Loading more headlines...