• all red air force ones tumblr[2017-11-22]
  • wedge sneaker japan[2017-11-22]
  • nike sb blazer pacman[2017-11-22]
  • toddler girl nike shirts[2017-11-22]
  • nike sb dunk high chairman bao for sale[2017-11-22]
  • nike wmns 2015 benassi jdi qs[2017-11-22]
  • running shoe store us[2017-11-17]
  • nike air force 90[2017-11-17]
  • bridal shoes with crystals[2017-11-17]
  • nike-dunk-hi-top-boot-sneakers[2017-11-17]
  • nike jordans tumblr[2017-11-17]
  • nike free og paris[2017-11-17]
  • nike boxing 2018[2017-11-17]
  • shoes online nike air max[2017-11-17]
  • air jordan retro ii[2017-11-17]
  • mens nike plus trainers[2017-11-17]
  • nike air force mid pink[2017-11-17]
  • nike black quarter socks[2017-11-17]
  • nike free trainer 3.0 teal[2017-11-17]
  • lebron 6 elite qs[2017-11-17]
  • Ride-share upstart 'Fasten' revealed as Hive of insecurity

    Like Uber but for leaking personal data: a million customer records left on unsecured Hadoop

    Boston-based ride-hailing hopeful Fasten has coughed to a million-customer data breach that happened because someone left a database lying around unsecured.

    The breach was turned up by cloud-crowd Kromtech, whose Bob Diachenko wrote late last week that the company had a misconfigured Apache Hive database exposed on the Internet. Hive is a data warehouse system built on top of Hadoop.

    “The server was left open for end-user access and this also let anyone with an internet connection access Fasten’s internal data”, he wrote.

    The exposed customer data included names, e-mails, telephone numbers, IMEI codes, trip details (pick-up and drop-off points), and links to photos. Corporate data, including a few thousand driver profiles, routes, comments about drivers, car registration, and photos of drivers’ vehicles.

    Diachenko notes that the only payment information in the database was the last four digits of credit cards.

    The company told Diachenko the database was created on October 11 of this year, but it wasn’t populated until later, and as far as Fasten can tell, it was only accessible for 48 hours. Fasten doesn’t believe anybody other than Kromtech’s people accessed the data before it was deleted.

    Fasten’s Jennifer Borgen told Kromtech it was “old production data”, and the company is reviewing its security processes to keep data safer in future.

    The company only operates in Boston and Austin, Texas. ?


    Biting the hand that feeds IT ? 1998–2017