Data leaked Archives | Vednam
https://vednam.com/tag/data-leaked/
Latest News on Cyber Security, Hacking and Tech
Wed, 01 Jul 2020 08:10:03 +0000

269 GB of U.S Police and Fusion Centres Data Leaked Online
https://vednam.com/269-gb-of-u-s-police-and-fusion-centres-data-leaked-online/
Tue, 23 Jun 2020 03:07:06 +0000

According to the report, a group of hacktivists and advocates has published a huge 269 GB trove of leaked data allegedly stolen from 200 police departments, fusion centers, and other law enforcement agencies across the United States.

The data, called BlueLeaks, was exposed by the DDoSecrets group and contains hundreds of sensitive documents from the past 10 years that may include official and personal information.

DDoSecrets, or Distributed Denial of Secrets, does transparency work much like WikiLeaks: it publicly publishes data and classified information submitted by hackers, while claiming that the organization itself never gets involved in extracting the data.

According to the hacktivist group, the BlueLeaks dump contains “police and FBI reports, guides, bulletins and more details which provide unique insights into law enforcement and a wide array of government activities, including thousands of documents mentioning COVID-19.”

Screenshots of the BlueLeaks dump show that it contains millions of files, including images, documents, videos, web pages, text files, emails, audio files and more, though it has yet to be investigated how many of the files are classified and were not supposed to be public.


The BlueLeaks data also contains intelligence on protests, including the recent countrywide “Black Lives Matter” protests in the U.S. that followed the death of George Floyd while he was in the custody of Minneapolis police.

The U.S. agencies listed in BlueLeaks include:

  • Alabama Fusion Center
  • Austin Regional Intelligence Center
  • Boston Regional Intelligence Center
  • Colorado Information Analysis Center
  • California Narcotic Officers’ Association
  • Delaware Information and Analysis Center
  • FBI Houston Citizens Academy Alumni Association
  • FBI National Academy Association Arkansas/Missouri Chapter
  • FBI National Academy Association Michigan Chapter
  • FBI National Academy Association of Texas

The source of the massive leak appears to be a security breach at the Houston-based web hosting company ‘Netsential Inc’, where the web server for the National Fusion Center Association (NFCA) is hosted, as security bloggers have mentioned.

Fusion centers are information centers that enable intelligence sharing between local, tribal, territorial and federal law enforcement agencies, maximizing their ability to detect, investigate, prevent and respond to criminal and terrorist activities.

The NFCA confirmed that the “data leaked actually spans around 24 years, from August 1996 through June 19, 2020. The documents include names, email addresses, phone numbers, PDF documents, images, and a large number of text, video, CSV and ZIP files”.

Netsential confirmed that a threat actor had leveraged a compromised Netsential customer user account and the web platform's upload feature to exfiltrate other Netsential customers' data, including that of U.S. police agencies.

Netsential is the same web hosting company that was previously abused by attackers to infect targeted victims with ransomware by sending spoofed spear-phishing emails.

WhatsApp Phone Number Exposed on Google Search Result: How?
https://vednam.com/whats-app-phone-number-exposed-on-google-search-result-how/
Mon, 08 Jun 2020 13:18:19 +0000

A researcher discovered that phone numbers tied to WhatsApp accounts are publicly indexed and can be found on Google Search, which raises questions about privacy for users.

According to the report, the researcher warns that the “Click to Chat” feature puts users' mobile phone numbers at risk: Google is allowed to index the numbers of everyone who uses it, and after that anyone can find them through Google Search.

Facebook, WhatsApp's owner, said: “There is no big deal, and the search results only reveal what the user wants to share publicly.”

A bug-bounty hunter discovered the issue and basically said “the phone number is leaked, and that may put the user's security and privacy at risk.”

“Click to Chat” offers websites an easy way to initiate a WhatsApp chat session with website visitors. It works through a QR (Quick Response) code image, created by third-party services, that is tied to the site owner's mobile phone number. Visitors scan the QR code to start the WhatsApp chat session directly, without needing to dial the number themselves. The visitor gains access to the phone number once the session starts.

The issue does not end there. Jayaram mentioned that “the Click to Chat metadata has been indexed by the Google search engine, and the mobile number comes up in Google search results. The phone number is revealed because of the URL string (https://wa.me/<phone_number>), and this ‘leaks’ the mobile phone numbers of WhatsApp users in plaintext, according to me”.

The “wa.me” domain is owned and maintained by WhatsApp, according to WHOIS records.

Your mobile number is visible in plaintext in the URL, so anyone who gets hold of the URL can know your mobile number. You cannot revoke it.

He mentioned that this makes it easier for spammers to compile legitimate phone numbers for mounting campaigns: specially crafted search strings for the domain http://wa.me/ showed that Google had indexed around 300,000 WhatsApp phone numbers.

“As individual phone numbers are leaked, an attacker can message and call them, and sell the phone numbers to marketers, spammers and scammers,” he said.

Google Search only revealed the phone numbers, not the identities of the users they are connected to.

The researcher mentioned that “they are able to see the user’s profile picture on WhatsApp along with their phone numbers”.

A hacker could reverse image search the user’s profile picture in hopes of collecting enough clues to establish the user’s identity.


Click to Chat lets a WhatsApp user chat with any other user without saving the contact on their phone.

 

Zee5 Hacked-150GB Data leaked from Video On demand Platform
https://vednam.com/zee5-hacked-and-data-leaked/
Mon, 08 Jun 2020 05:54:24 +0000

Hackers are at work again, and this time they hit the Indian video-on-demand platform ZEE5. ZEE5's data was hacked, and the hackers threatened to sell it on dark web markets.

The hacker, going by the name “john wick”, had a hand in breaching the ZEE5 systems, downloaded 150GB of live data, and also stole the source code of the website.

Mainstream Story

According to a report circulating on the internet, “the hacker who breached the data has a connection to a Korean hacking group, which executed this plan successfully and sold all the data on hackers’ forums”.


 

The hacker group shared some proof that they have access to ZEE5’s private code. The monitoring team confirmed that the access proof is correct and said that the hack happened sometime between the end of February and March.

A few days later, the hackers shared another sample, which is a very serious concern because it contains live code secret keys and credentials for unsecured AWS resources.

The latest breach was detected on 24th April 2020 and clearly indicated that the hacker has access to recently subscribed users and to the database, which contains user details from every state of India.

The breached database holds the records of the “Payment Platform”. This is becoming a big deal for the company, because the exposure of user data together with payment details mainly harms the users connected with ZEE5.

According to Ralph Wagner, “We don’t manage the Zee5 database, nor the MySQL database which is mentioned. I will investigate the whole breach and then we will share the proper details.”

The leaked data includes information such as:

  1. Email Address
  2. Mobile Numbers
  3. Recent transactions
  4. Passwords

An email sent to different news agencies stated: “will expose your database & code in public for the open sale soon”.


The email was sent from a secure, encrypted email service, so it cannot be traced. The hacker sent the mail from “hckindi@tutanota.com”.

This email service has been used in different campaigns, such as Dharma ransomware, and the same email address has been seen in use by the Korean hacker.

This is not the first time ZEE5 has been hacked. This all breach happens and the company says or takes any action on the breach.

70 Million records Leaked from Aussie Football Site
https://vednam.com/70-million-records-leaked-from-aussie-football-site/
Mon, 01 Jun 2020 14:33:22 +0000

According to the source, an Australian football fan site was found to have leaked around 70 million records, including personal details and racist private messages, via an unprotected Elasticsearch database.

Investigation of the leak found around 132 GB of data linked to BigFooty.com, a website and mobile application dedicated to Aussie Rules Football, which has around 100,000 members.

Digging deeper into the investigation, a security officer found that the leaked data did not contain only personal information. Some of the users are anonymous, and some people's private messages seen by the security officer contain email addresses, passwords, and usernames for the site and for live streams.

If a cyber attacker obtained your data from the database, they may have gained credentials useful for credential stuffing attacks against other sites.

The user messages also contain personal threats and racist content, which a cyber attacker could use to blackmail those users.

The security officer said, “The private messages are fully exposed and leaked, and you can’t trace back to the specific users. The leaked data contains high-profile users like an Australian police officer and government employees.”

Private information belonging to individuals, such as chats and email addresses, is enough for a cyber attacker to blackmail and damage the reputation of high-profile or even ordinary users.

On the technical side, it was also mentioned that the exposed data includes IP addresses, server and OS information, GPS data, and access logs that may allow hackers to compromise parts of the IT infrastructure.

The leak was closed by the Australian Cyber Security Centre after a short period of time, and BigFooty did not respond after that.

The security officer has also seen incidents and leaks at two popular money-saving websites and, perhaps most often, at an adult live streaming site.

Dark Web Hosting provider database leaked by Hacker
https://vednam.com/dark-web-hosting-provider-database-leaked-by-hacker/
Sun, 31 May 2020 20:01:51 +0000

Today a hacker leaked the database of Daniel Hosting (DH), a free web hosting provider for dark web services. According to DH owner Daniel Winzen, the hacker breached the database on 10 March 2020, leaked the data, and also wiped all the servers.

On March 26, two weeks after the breach, DH shut down the service for good, urging users to move their sites to new dark web hosting providers. Around 7,600 websites, approximately a third of all dark web portals, went down.


DATA LEAKED

A hacker calling himself KingNull uploaded a copy of DH’s stolen database to a file-hosting portal.

According to a cursory analysis of the data dump, the leaked data includes 3,671 email addresses, 8,580 private keys, and 7,205 account passwords for .onion (dark web) domains.

The main point is that the leaked database contains sensitive information on the owners and users of several darknet domains.

The leaked data can be used to tie the owners of leaked email addresses to certain dark web portals.


The leaked information may help track specific users and help the government take legal action against anyone taking part in illegal activities on these darknet sites.

That is an important point for users of dark web portals: “if site owners move their dark web portals to another hosting provider and don’t change their passwords, they may be affected again”. If the hacker previously cracked the DH hashed passwords, that may help them take over the new accounts as well.

Overall, threat intelligence firms and law enforcement teams are looking for clues, but the hacker has left none. IP addresses would be the last option, but they were not found in the dumped data.

DH HACKED A SECOND TIME

March 2020 was the second time DH was hacked and suffered a data breach. The first incident happened in November 2018, when the site's backend database server was breached and all sites were deleted. Around 6,500 sites were wiped at that time, and no data was ever leaked.

DH is not the only hosting provider with such a story: in 2017, another hacker collective took down Freedom Hosting when they discovered that the hosting provider was sheltering child abuse portals.

DH still planned to launch the service again, but this time with some more improvements, which were the main priority.

 

8 billion Thai internet records leaked !
https://vednam.com/8-billion-thai-internet-records-leaked/
Tue, 26 May 2020 06:04:55 +0000

According to the source, it started on 7 May, and it took until May 22 to secure the database. Cyber experts discovered an exposed Elasticsearch database while browsing BinaryEdge and Shodan. The leaked database appeared to be controlled by a Thailand-based mobile network operator known as Advanced Info Service (AIS).

AIS is Thailand's largest GSM mobile network, with almost “40.23 million customers” as of 2018. The database is maintained and controlled by its subsidiary Advanced Wireless Network (AWN). It held a combination of DNS query logs and NetFlow logs that appear to belong to AWN customers. Anyone who obtained all this data could easily build a track of a user's internet surfing. After this information came to light, Thailand's national CERT team (ThaiCERT) took action and contacted AIS, and the database was secured.

 

What is AWN?

According to the source, AWN is a provider of wired and wireless network services and a telecommunications network provider. According to its website, the company started in 2005. AWN is a subsidiary of Advanced Info Service (AIS).

AWN’s network connects directly to AIS, its only upstream peer. When ThaiCERT contacted AIS about the exposed database, the database went offline.

 


When did that data leak start?

Based on the source story, the data was first hit on May 1 and then again on May 7, 2020. There was not a single server left exposed on the internet without any authentication. AIS has been notified about the exposed database.

How Much Data Leaked?

In total, there were 8.3 billion documents, amounting to around 4.7 terabytes of data. On May 21, 2020, 8,336,189,132 documents were stored in the database, which contained NetFlow data and DNS query logs. It was found that data was logged for only roughly 8 days, but why?

 

Why logging stopped after 8 days is still an open question. The team's perception is that they got more data than they intended to capture. Forensics indicate that roughly 2,538 DNS queries per second were logged during that period.

What can they get from the data?

A lot of information can be extracted by anyone who works through the documents and data. They can see essentially every query you generated on the internet, and from that they can also learn your personal information.

Based on the DNS queries, it may be possible to build a full profile of a person, because DNS logs capture information about the machines and the queries they make. For example, the logs can reveal:

  • That they use an Android TV connected to the internet
  • That they use Apple devices connected to the internet
  • That they use Windows devices, and the software they use with cloud connectivity
  • Which antivirus they use
  • Even which social media accounts they use
  • Their Google Chrome or other browser's saved information and history

 
