Security News > 2024 > April > OWASP discloses data breach caused by wiki misconfiguration
The OWASP Foundation has disclosed a data breach after some members' resumes were exposed online due to a misconfiguration of its old Wiki web server.
OWASP says it discovered the Media Wiki misconfiguration in late February following several support requests.
"The resumes contained names, email addresses, phone numbers, physical addresses, and other personally identifiable information," said OWASP Executive Director Andrew van der Stock.
"OWASP collected resumes as part of the early membership process, whereby members were required in the 2006 to 2014 era to show a connection to the OWASP community. OWASP no longer collects resumes as part of the membership process."
OWASP also took several measures to address the data breach, disabling directory browsing and reviewing the web server and Media Wiki configuration for other security issues.
Yacht retailer MarineMax discloses data breach after cyberattack.
News URL
Related news
- Rhode Island confirms data breach after Brain Cipher ransomware attack (source)
- Texas Tech University System data breach impacts 1.4 million patients (source)
- Ireland fines Meta $264 million over 2018 Facebook data breach (source)
- New fake Ledger data breach emails try to steal crypto wallets (source)
- Meta Fined €251 Million for 2018 Data Breach Impacting 29 Million Accounts (source)
- 46% of financial institutions had a data breach in the past 24 months (source)
- UN aviation agency investigating possible data breach (source)
- Washington state sues T-Mobile over 2021 data breach security failures (source)
- Largest US addiction treatment provider notifies patients of data breach (source)
- STIIIZY data breach exposes cannabis buyers’ IDs and purchases (source)