Data Breach at MC2 Data Leaves 100 Million at Risk of Fraud
The data leak exposed personal data of 100m US citizens, resulting from a misconfigured database made accessible online
Stay informed on the latest exposure risks in information security. Expert analysis, breach updates, and data leak prevention tips. Stay secure!
Search across headline titles and summaries.
Background for this topic.
Exposure is the condition in which a system, service, credential, vulnerability, or sensitive information is accessible or discoverable by people or systems that should not reach it. In threat modeling, it describes an attack surface or loss of control—not proof that an attacker has succeeded. Examples include an internet-facing administration interface, cloud storage with unintended permissions, a secret committed to source code, or personal data sent to an unintended recipient. Its significance depends on what is exposed, who can reach it, and which protections remain.
The primary defense is exposure reduction: maintain an accurate asset inventory, remove unnecessary public access, enforce least-privilege permissions and strong authentication, patch externally reachable software, and revoke leaked credentials or secrets. Encryption can limit the value of exposed data, but does not correct an exposed access path. Continuous scanning and log review help identify changes and support rapid containment when exposure is discovered.
The data leak exposed personal data of 100m US citizens, resulting from a misconfigured database made accessible online
CISA warned today of threat actors trying to breach critical infrastructure networks by targeting Internet-exposed industrial devices using "unsophisticated" methods like brute force attacks and default credentials. [...]
Some 3191 email addresses for congressional staff are available on the dark web
AutoCanada is warning that employee data may have been exposed in an August cyberattack claimed by the Hunters International ransomware gang. [...]
The Centers for Medicare & Medicaid Services (CMS) federal agency announced earlier this month that health and personal information of more than three million health plan beneficiaries was exposed in the MOVEit attacks Cl0p ransomware conducted last year. [...]
Thousands of devices remain vulnerable, US most exposed to the threat Tens of thousands of fuel storage tanks in critical infrastructure facilities remain vulnerable to zero-day attacks due to buggy Automatic Tank Gauge systems from multiple vendors, say infosec researchers. …
Thousands of devices remain vulnerable and the US is most exposed to the threat Tens of thousands of fuel storage tanks in critical infrastructure facilities remain vulnerable to zero-day attacks due to buggy Automatic Tank Gauge systems from multiple vendors, say infosec researchers. …
Mandiant publishes cheat sheet for weeding out fraudulent IT staff Against a backdrop of rising exposure to North Korean agents seeking (mainly) US IT roles, organizations now have a cheat sheet to help spot potential operatives.…
11M devices exposed to trojan, Kaspersky says The Necro trojan is once again making a move against Android users, with up to eleven million individuals thought to be exposed to infected apps.…