toad.social

Dissent Doe :cupofcoffee:So yesterday, I emailed a state court system that appears to be linked to the exposed data I mentioned recently and that the host notified on or about July 28. No reply was received.Today, I sent a contact form message to the lawyer for a juvenile whose records were sealed. Sealed, except 11 of them were exposed to anyone who can access the data. I told him what was going on and suggested he contact the court and tell them to get the data secured. No reply was received.Today, I sent an email to the judge who ordered the juvenile's records sealed and I cc:d the district attorney. I gave them the juvenile's name, case number and that I could see all the sealed records. I urged them to have their IT or vendor call me and I could give them the IP address over the phone, etc. No reply was received.Dear Russia, China, and North Korea:You do not need to hack our courts. They are leaking like sieves and do not respond when we try to tell them they need to secure the data.Yours in total frustration,/Dissent<a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#infosec</a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/incident_response" class="mention hashtag" rel="nofollow noopener" target="_blank">#incident_response</a> <a href="https://infosec.exchange/tags/dataleak" class="mention hashtag" rel="nofollow noopener" target="_blank">#dataleak</a> <a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#databreach</a> <a href="https://infosec.exchange/tags/WAKETHEFUCKUP" class="mention hashtag" rel="nofollow noopener" target="_blank">#WAKETHEFUCKUP</a>

CybernewsPacific Healthworks is claimed by the Everest ransomware group, along with hundreds of sensitive data samples from at least 50 medical groups they serve.<a href="https://infosec.exchange/tags/ransomware" class="mention hashtag" rel="nofollow noopener" target="_blank">#ransomware</a> <a href="https://infosec.exchange/tags/hack" class="mention hashtag" rel="nofollow noopener" target="_blank">#hack</a> <a href="https://infosec.exchange/tags/dataprivacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#dataprivacy</a> <a href="https://infosec.exchange/tags/datasecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#datasecurity</a> <a href="https://infosec.exchange/tags/health" class="mention hashtag" rel="nofollow noopener" target="_blank">#health</a> <a href="https://infosec.exchange/tags/dataleak" class="mention hashtag" rel="nofollow noopener" target="_blank">#dataleak</a> <a href="https://cnews.link/pacific-healthworks-everest-ransomware-attack-data-leak-1/" rel="nofollow noopener" translate="no" target="_blank">https://cnews.link/pacific-healthworks-everest-ransomware-attack-data-leak-1/</a>

⠠⠵ avukoHack laboratoryDatahack medical world turns out to be much bigger: also research skin, urine and penis stolenBy Daniël Verlaan © ANP RTL NieuwsThe data breach at the laboratory that conducts population cervical cancer screening is greater than reported. In addition to stolen data from 485,000 women who participated in that population survey, data from skin, urine and penis examinations have also been stolen. A small part of it is now on the dark web.This is according to research by RTL Nieuws. It concerns names, residential addresses and dates of birth of patients, their social security numbers and information and results of the study. Advice has also been taken as a result of investigations.These are patients who have had examinations performed by healthcare providers and independent clinics that have been sent to the Clinical Diagnostics laboratory.Among other things, information and results of examinations on urine, skin, vagina, penis, anus and wound fluid have been published.Hospitals and general practitionersBased on the leaked data, these are patients from the Leiden University Medical Center, Amphia Hospital and Alrijne Hospital, among others. Many studies written out by general practitioners can also be found in the leaked data. The dates are from 2022 to this year.The data put online by the criminals include 53,516 people who had an investigation done by the general practitioner, RTL Nieuws calculated. The actual number leaked is expected to be much higher: currently only about 100 megabytes of data have been published, the criminals claim to have stolen 300 gigabytes.Both Clinical Diagnostics and the criminals behind the hack have been asked to respond.Population surveyAmong the 485,000 women who participated in the population survey for cervical cancer, in addition to their private data and citizen service number, test results of smears and self-tests were stolen.Elza den Hertog, the chairman of the board of Population Research Netherlands, says that the institute is extremely shocked. "We understand that women who have participated in population surveys through us are of course also very frightened by this. I would like to say to them that we are very sorry that this happened."[Dutch] <a href="https://www.rtl.nl/nieuws/binnenland/artikel/5522760/datalek-baarmoederhalskanker-veel-groter-ook-onderzoek-huid-urine" rel="nofollow noopener" translate="no" target="_blank">https://www.rtl.nl/nieuws/binnenland/artikel/5522760/datalek-baarmoederhalskanker-veel-groter-ook-onderzoek-huid-urine</a><a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#infosec</a> <a href="https://infosec.exchange/tags/Dataleak" class="mention hashtag" rel="nofollow noopener" target="_blank">#Dataleak</a> <a href="https://infosec.exchange/tags/Nova" class="mention hashtag" rel="nofollow noopener" target="_blank">#Nova</a> <a href="https://infosec.exchange/tags/RaLord" class="mention hashtag" rel="nofollow noopener" target="_blank">#RaLord</a>

Dissent Doe :cupofcoffee:Correcting this because it looks like this doesn't involve any federal court. But there are exposed sensitive records, some of which were ordered sealed. NEW: Federal judiciary says it is boosting security after cyberattack; researcher finds new leaksMore of those frustrating leaks where, despite our best efforts, we have been unable to get the network shares locked down so far, even with the host's assistance.This one involves two courts: and yes, we saw some files that were supposed to be sealed or confidential.<a href="https://databreaches.net/2025/08/10/federal-judiciary-says-it-is-boosting-security-after-cyberattack-researcher-finds-new-leaks/" rel="nofollow noopener" translate="no" target="_blank">https://databreaches.net/2025/08/10/federal-judiciary-says-it-is-boosting-security-after-cyberattack-researcher-finds-new-leaks/</a><a href="https://infosec.exchange/tags/dataleak" class="mention hashtag" rel="nofollow noopener" target="_blank">#dataleak</a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#infosec</a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#databreach</a> <a href="https://infosec.exchange/tags/govsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#govsec</a>

BeyondMachines :verified:TeaOnHer app, rival to the Tea safety app leaks driver's licenses and personal data of 53,000 usersTeaOnHer, a controversial dating-related app for men, exposed personal data of approximately 53,000 users including driver's licenses, verification selfies, and private communications through critical security vulnerabilities that allow unauthorized access via publicly accessible web addresses without authentication. The breach also exposed the app creator's administrative credentials in plaintext.**** <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#infosec</a> <a href="https://infosec.exchange/tags/incident" class="mention hashtag" rel="nofollow noopener" target="_blank">#incident</a> <a href="https://infosec.exchange/tags/dataleak" class="mention hashtag" rel="nofollow noopener" target="_blank">#dataleak</a> <a href="https://beyondmachines.net/event_details/teaonher-app-rival-to-the-tea-safety-app-leaks-driver-s-licenses-and-personal-data-of-53000-users-1-v-a-q-o/gD2P6Ple2L" rel="nofollow noopener" translate="no" target="_blank">https://beyondmachines.net/event_details/teaonher-app-rival-to-the-tea-safety-app-leaks-driver-s-licenses-and-personal-data-of-53000-users-1-v-a-q-o/gD2P6Ple2L</a>

Ohmbudsman2️⃣ PBS confirms data leak via Discord fan servers 🗞️ <a href="https://www.bleepingcomputer.com/news/security/pbs-confirms-data-breach-after-employee-info-leaked-on-discord-servers/" rel="nofollow noopener" translate="no" target="_blank">https://www.bleepingcomputer.com/news/security/pbs-confirms-data-breach-after-employee-info-leaked-on-discord-servers/</a> 👥: <a href="https://mastodon.social/@pbs" class="u-url mention" rel="nofollow noopener" target="_blank">@pbs</a> <a href="https://mastodon.social/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#CyberSecurity</a> <a href="https://mastodon.social/tags/DataLeak" class="mention hashtag" rel="nofollow noopener" target="_blank">#DataLeak</a> <a href="https://mastodon.social/tags/MediaWatch" class="mention hashtag" rel="nofollow noopener" target="_blank">#MediaWatch</a>

Dissent Doe :cupofcoffee:Promises, promises. Exclusive: Brosix and Chatox promised to keep your chats secured. They didn’t.A researcher found a misconfigured backup with -- yes, you guessed it -- everything in plaintext instead of encrypted. Some entities that used the service are medical entities that were actually mentioning protected health information or attaching files with <a href="https://infosec.exchange/tags/PHI" class="mention hashtag" rel="nofollow noopener" target="_blank">#PHI</a> in the chat. There were almost 5k Allstate employees using the service and sharing customer <a href="https://infosec.exchange/tags/PII" class="mention hashtag" rel="nofollow noopener" target="_blank">#PII</a> in files. And oh yeah, I found one company gossiping about me and plotting against me after I notified them they were leaking tons of <a href="https://infosec.exchange/tags/PHI" class="mention hashtag" rel="nofollow noopener" target="_blank">#PHI</a>. I've done them a favor by not publishing all their chat logs about me. :) There also appeared to be some "dodgy" stuff on the backup, too. Read the details about the exposed backup in my post at <a href="https://databreaches.net/2025/08/05/exclusive-brosix-and-chatox-promised-to-keep-your-chats-secured-they-didnt/" rel="nofollow noopener" translate="no" target="_blank">https://databreaches.net/2025/08/05/exclusive-brosix-and-chatox-promised-to-keep-your-chats-secured-they-didnt/</a><a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#infosec</a> <a href="https://infosec.exchange/tags/encryption" class="mention hashtag" rel="nofollow noopener" target="_blank">#encryption</a> <a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#databreach</a> <a href="https://infosec.exchange/tags/incidentresponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#incidentresponse</a> <a href="https://infosec.exchange/tags/chatox" class="mention hashtag" rel="nofollow noopener" target="_blank">#chatox</a> <a href="https://infosec.exchange/tags/brosix" class="mention hashtag" rel="nofollow noopener" target="_blank">#brosix</a> <a href="https://infosec.exchange/tags/dataleak" class="mention hashtag" rel="nofollow noopener" target="_blank">#dataleak</a><a href="https://mastodon.social/@zackwhittaker" class="u-url mention" rel="nofollow noopener" target="_blank">@zackwhittaker</a>

Pyrzout :vm:Your employees uploaded over a gig of files to GenAI tools last quarter <a href="https://www.helpnetsecurity.com/2025/08/05/genai-sensitive-data-exposure/" rel="nofollow noopener" translate="no" target="_blank">https://www.helpnetsecurity.com/2025/08/05/genai-sensitive-data-exposure/</a> <a href="https://social.skynetcloud.site/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#cybersecurity</a> <a href="https://social.skynetcloud.site/tags/GenerativeAI" class="mention hashtag" rel="nofollow noopener" target="_blank">#GenerativeAI</a> <a href="https://social.skynetcloud.site/tags/dataleak" class="mention hashtag" rel="nofollow noopener" target="_blank">#dataleak</a> <a href="https://social.skynetcloud.site/tags/Harmonic" class="mention hashtag" rel="nofollow noopener" target="_blank">#Harmonic</a> <a href="https://social.skynetcloud.site/tags/report" class="mention hashtag" rel="nofollow noopener" target="_blank">#report</a> <a href="https://social.skynetcloud.site/tags/News" class="mention hashtag" rel="nofollow noopener" target="_blank">#News</a>

Kevin Dominik Korte"Your data is safe in our AI." Unfortunately, that promise doesn't include the website. I guess it was too much to ask for OpenAI to include basic cybersecurity and web design efforts. Hey, you cannot have everything when changing the world. <a href="https://fosstodon.org/tags/AI" class="mention hashtag" rel="nofollow noopener" target="_blank">#AI</a> <a href="https://fosstodon.org/tags/dataleak" class="mention hashtag" rel="nofollow noopener" target="_blank">#dataleak</a> <a href="https://fosstodon.org/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#cybersecurity</a> <a href="https://www.techradar.com/ai-platforms-assistants/chatgpt/chatgpt-chats-are-now-appearing-in-google-search-heres-how-to-stop-google-from-spying-on-your-conversations" rel="nofollow noopener" translate="no" target="_blank">https://www.techradar.com/ai-platforms-assistants/chatgpt/chatgpt-chats-are-now-appearing-in-google-search-heres-how-to-stop-google-from-spying-on-your-conversations</a>

OSTechNixOpenAI Removes ChatGPT Chat Discovery Feature Over Privacy And Data Leak Concerns <a href="https://floss.social/tags/Openai" class="mention hashtag" rel="nofollow noopener" target="_blank">#Openai</a> <a href="https://floss.social/tags/Chatgpt" class="mention hashtag" rel="nofollow noopener" target="_blank">#Chatgpt</a> <a href="https://floss.social/tags/AI" class="mention hashtag" rel="nofollow noopener" target="_blank">#AI</a> <a href="https://floss.social/tags/Searchengine" class="mention hashtag" rel="nofollow noopener" target="_blank">#Searchengine</a> <a href="https://floss.social/tags/Privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#Privacy</a> <a href="https://floss.social/tags/Dataleak" class="mention hashtag" rel="nofollow noopener" target="_blank">#Dataleak</a> <a href="https://ostechnix.com/openai-removes-chatgpt-chat-discovery/" rel="nofollow noopener" translate="no" target="_blank">https://ostechnix.com/openai-removes-chatgpt-chat-discovery/</a>

Pyrzout :vm:Secrets are leaking everywhere, and bots are to blame <a href="https://www.helpnetsecurity.com/2025/07/31/enterprise-non-human-identity-risk/" rel="nofollow noopener" translate="no" target="_blank">https://www.helpnetsecurity.com/2025/07/31/enterprise-non-human-identity-risk/</a> <a href="https://social.skynetcloud.site/tags/nonhumanidentities" class="mention hashtag" rel="nofollow noopener" target="_blank">#nonhumanidentities</a> <a href="https://social.skynetcloud.site/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#cybersecurity</a> <a href="https://social.skynetcloud.site/tags/enterprise" class="mention hashtag" rel="nofollow noopener" target="_blank">#enterprise</a> <a href="https://social.skynetcloud.site/tags/dataleak" class="mention hashtag" rel="nofollow noopener" target="_blank">#dataleak</a> <a href="https://social.skynetcloud.site/tags/report" class="mention hashtag" rel="nofollow noopener" target="_blank">#report</a> <a href="https://social.skynetcloud.site/tags/Entro" class="mention hashtag" rel="nofollow noopener" target="_blank">#Entro</a> <a href="https://social.skynetcloud.site/tags/News" class="mention hashtag" rel="nofollow noopener" target="_blank">#News</a> <a href="https://social.skynetcloud.site/tags/bot" class="mention hashtag" rel="nofollow noopener" target="_blank">#bot</a>

securityaffairsHackers leak images and comments from women dating safety app <a href="https://infosec.exchange/tags/Tea" class="mention hashtag" rel="nofollow noopener" target="_blank">#Tea</a> <a href="https://securityaffairs.com/180539/data-breach/hackers-leak-images-and-comments-from-women-dating-safety-app-tea.html" rel="nofollow noopener" translate="no" target="_blank">https://securityaffairs.com/180539/data-breach/hackers-leak-images-and-comments-from-women-dating-safety-app-tea.html</a> <a href="https://infosec.exchange/tags/securityaffairs" class="mention hashtag" rel="nofollow noopener" target="_blank">#securityaffairs</a> <a href="https://infosec.exchange/tags/hacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#hacking</a> <a href="https://infosec.exchange/tags/dataleak" class="mention hashtag" rel="nofollow noopener" target="_blank">#dataleak</a>

nemo™ 🇺🇦🔓 Leakzone, a major Cracker forum, exposed over 22M user IPs via an unsecured Elasticsearch database! Discovered by UpGuard, the leak reveals how even cybercriminals risk exposure. 🚨 Anonymity isn’t guaranteed on this notorious platform. Details: <a href="https://cyberinsider.com/hacking-forum-leakzone-exposed-user-ip-s-via-unsecured-database/" rel="nofollow noopener" translate="no" target="_blank">https://cyberinsider.com/hacking-forum-leakzone-exposed-user-ip-s-via-unsecured-database/</a> <a href="https://mas.to/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#CyberSecurity</a> <a href="https://mas.to/tags/DataLeak" class="mention hashtag" rel="nofollow noopener" target="_blank">#DataLeak</a> <a href="https://mas.to/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#InfoSec</a> <a href="https://mas.to/tags/newz" class="mention hashtag" rel="nofollow noopener" target="_blank">#newz</a>

Anonymous 🐈️🐾☕🍵🏴🇵🇸 :af:A SQL injection in a cookie consent parameter at a major automotive company led to full PII leaks and potential RCE. Highlights the need for strict input validation and secure coding practices. <a href="https://kolektiva.social/tags/SQLInjection" class="mention hashtag" rel="nofollow noopener" target="_blank">#SQLInjection</a> <a href="https://kolektiva.social/tags/DataLeak" class="mention hashtag" rel="nofollow noopener" target="_blank">#DataLeak</a> <a href="https://kolektiva.social/tags/Japan" class="mention hashtag" rel="nofollow noopener" target="_blank">#Japan</a> <a href="https://kolektiva.social/tags/CyberAttacks" class="mention hashtag" rel="nofollow noopener" target="_blank">#CyberAttacks</a> <a href="https://www.hendryadrian.com/from-cookie-consent-to-command-execution-a-real-world-sqli-full-pii-leak-to-rce-on-a-careers/" rel="nofollow noopener" translate="no" target="_blank">https://www.hendryadrian.com/from-cookie-consent-to-command-execution-a-real-world-sqli-full-pii-leak-to-rce-on-a-careers/</a>

Marcel SIneM(S)US<a href="https://social.tchncs.de/tags/CitrixBleed2" class="mention hashtag" rel="nofollow noopener" target="_blank">#CitrixBleed2</a>: Kritische Netscaler-Lücke wird seit fast einem Monat ausgenutzt | Security <a href="https://www.heise.de/news/Citrix-Bleed-2-Kritische-Netscaler-Luecke-wird-seit-fast-einem-Monat-ausgenutzt-10492320.html" rel="nofollow noopener" translate="no" target="_blank">https://www.heise.de/news/Citrix-Bleed-2-Kritische-Netscaler-Luecke-wird-seit-fast-einem-Monat-ausgenutzt-10492320.html</a> <a href="https://social.tchncs.de/tags/Patchday" class="mention hashtag" rel="nofollow noopener" target="_blank">#Patchday</a> <a href="https://social.tchncs.de/tags/CyberCrime" class="mention hashtag" rel="nofollow noopener" target="_blank">#CyberCrime</a> <a href="https://social.tchncs.de/tags/DataLeak" class="mention hashtag" rel="nofollow noopener" target="_blank">#DataLeak</a> <a href="https://social.tchncs.de/tags/Datenleck" class="mention hashtag" rel="nofollow noopener" target="_blank">#Datenleck</a> <a href="https://social.tchncs.de/tags/Datenschutz" class="mention hashtag" rel="nofollow noopener" target="_blank">#Datenschutz</a> <a href="https://social.tchncs.de/tags/privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#privacy</a> <a href="https://social.tchncs.de/tags/CitrixBleed" class="mention hashtag" rel="nofollow noopener" target="_blank">#CitrixBleed</a>

Nina Cried PowerFollowing the revelation about a Super Injunction over the Afghanistan Data Leak the next question should be, "how many other Super Injunctions does the Government have in place?" If this question cannot be answered then the answer is, more than none.<a href="https://mastodonapp.uk/tags/SuperInjunction" class="mention hashtag" rel="nofollow noopener" target="_blank">#SuperInjunction</a> <a href="https://mastodonapp.uk/tags/Afghanistan" class="mention hashtag" rel="nofollow noopener" target="_blank">#Afghanistan</a> <a href="https://mastodonapp.uk/tags/dataleak" class="mention hashtag" rel="nofollow noopener" target="_blank">#dataleak</a>

Dissent Doe :cupofcoffee:From the "no-need-to-hack-when-it's-leaking-and-leaking-and-leaking" dept:Website Planet recently reported on a leak Jeremiah Fowler discovered. But it wasn't the Gladney Adoption Center's first leak. And while Fowler praised the center for their response to his alert, DataBreaches wants to know what the Gladney Adoption Center is going to do to prevent more leaks. They've had 3 in the past few months alone. <a href="https://databreaches.net/2025/07/17/gladney-adoption-center-had-serious-data-exposures-in-the-past-few-months-what-will-they-do-to-prevent-more/" rel="nofollow noopener" translate="no" target="_blank">https://databreaches.net/2025/07/17/gladney-adoption-center-had-serious-data-exposures-in-the-past-few-months-what-will-they-do-to-prevent-more/</a>Great thanks to <a href="https://infosec.exchange/@JayeLTee" class="u-url mention" rel="nofollow noopener" target="_blank">@JayeLTee</a> for his help on this one. <a href="https://infosec.exchange/tags/dataleak" class="mention hashtag" rel="nofollow noopener" target="_blank">#dataleak</a> <a href="https://infosec.exchange/tags/cybersec" class="mention hashtag" rel="nofollow noopener" target="_blank">#cybersec</a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#infosec</a>

Hackread.com🚨 Over 1.1 million sensitive records exposed from a Texas adoption agency, including PII of children, parents, and staff - no password, no encryption.Report: <a href="https://hackread.com/massive-data-leak-texas-adoption-agency-million-records/" rel="nofollow noopener" translate="no" target="_blank">https://hackread.com/massive-data-leak-texas-adoption-agency-million-records/</a><a href="https://mstdn.social/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#CyberSecurity</a> <a href="https://mstdn.social/tags/DataLeak" class="mention hashtag" rel="nofollow noopener" target="_blank">#DataLeak</a> <a href="https://mstdn.social/tags/Privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#Privacy</a> <a href="https://mstdn.social/tags/Breach" class="mention hashtag" rel="nofollow noopener" target="_blank">#Breach</a> <a href="https://mstdn.social/tags/Adoption" class="mention hashtag" rel="nofollow noopener" target="_blank">#Adoption</a>

AutisticMumTo3‘The worst day of all time’: Afghans speak of safety fears after UK data leak | Ministry of Defence | The Guardian <a href="https://www.theguardian.com/uk-news/2025/jul/15/the-worst-day-of-all-time-afghans-speak-of-safety-fears-after-uk-data-leak" rel="nofollow noopener" translate="no" target="_blank">https://www.theguardian.com/uk-news/2025/jul/15/the-worst-day-of-all-time-afghans-speak-of-safety-fears-after-uk-data-leak</a><a href="https://leftist.network/tags/Afghan" class="mention hashtag" rel="nofollow noopener" target="_blank">#Afghan</a> <a href="https://leftist.network/tags/DataLeak" class="mention hashtag" rel="nofollow noopener" target="_blank">#DataLeak</a>

BeyondMachines :verified:DOGE Employee exposes AI API Keys in source code, giving access to advanced xAI modelsA Department of Government Efficiency (DOGE) employee exposed a private xAI API key on GitHub, providing unauthorized access to over 52 large language models. This is very concerning given the employee's extensive access to sensitive systems across multiple government agencies in the USA. This marks the second such xAI key exposure by DOGE personnel in recent months, indicating a pattern of operational security failures that indicate a broken security culture within the organization.**Build a culture of not saving API keys, passwords, or any secrets directly into your code. Use environment variables or proper secret management tools instead. If leaking API key becomes a practice, consider stronger discipline and awareness measures, paired with technical scanners to detect secrets in code.** <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#infosec</a> <a href="https://infosec.exchange/tags/incident" class="mention hashtag" rel="nofollow noopener" target="_blank">#incident</a> <a href="https://infosec.exchange/tags/dataleak" class="mention hashtag" rel="nofollow noopener" target="_blank">#dataleak</a> <a href="https://beyondmachines.net/event_details/doge-employee-exposes-ai-api-keys-in-source-code-giving-access-to-advanced-xai-models-k-l-q-0-o/gD2P6Ple2L" rel="nofollow noopener" translate="no" target="_blank">https://beyondmachines.net/event_details/doge-employee-exposes-ai-api-keys-in-source-code-giving-access-to-advanced-xai-models-k-l-q-0-o/gD2P6Ple2L</a>

Recent searches

Search options

Administered by:

Server stats:

#dataleak