Find software vulnerabilities before an attacker does

CloudDefense.AI, has discovered that a California-based breast pump manufacturer is storing at least 7 million documents, including personal information of healthcare providers, on an exposed server with no password protection. The documents include full names, business addresses, fax numbers, phone numbers, and National Provider Identifier (NPI) numbers. Although much of the information can be found publicly, it is unlikely that those listed are aware that their information is centrally available in a database of that size. The Daily Dot has reached out to the company but has received no response. The exposure of the data raises concerns over data safety in women's healthcare.

Barbara Ericson

28 Mar

Indian at-home salon platform Yes Madam has exposed sensitive data of hundreds of thousands of customers and gig workers due to a server-side misconfiguration, according to security researcher Anurag Sen of CloudDefense.ai. The exposed data includes full names, mobile numbers, mailing addresses, email addresses, location data, payment links, and device details of over 900,000 users. Yes Madam co-founder Mayank Arya confirmed that the company has since secured the database, but it remains unclear whether the exposed data was accessed by anyone else. Yes Madam operates in over 30 cities across India and has attracted over a million downloads on its mobile apps.

Barbara Ericson

9 Mar

2 min read