Security News > 2024 > April > OWASP discloses data breach caused by wiki misconfiguration
The OWASP Foundation has disclosed a data breach after some members' resumes were exposed online due to a misconfiguration of its old Wiki web server.
OWASP says it discovered the Media Wiki misconfiguration in late February following several support requests.
"The resumes contained names, email addresses, phone numbers, physical addresses, and other personally identifiable information," said OWASP Executive Director Andrew van der Stock.
"OWASP collected resumes as part of the early membership process, whereby members were required in the 2006 to 2014 era to show a connection to the OWASP community. OWASP no longer collects resumes as part of the membership process."
OWASP also took several measures to address the data breach, disabling directory browsing and reviewing the web server and Media Wiki configuration for other security issues.
Yacht retailer MarineMax discloses data breach after cyberattack.
News URL
Related news
- Wolf Haldenstein law firm says 3.5 million impacted by data breach (source)
- Otelier data breach exposes info, hotel reservations of millions (source)
- PayPal to pay $2 million settlement over 2022 data breach (source)
- UnitedHealth now says 190 million impacted by 2024 data breach (source)
- PowerSchool starts notifying victims of massive data breach (source)
- US healthcare provider data breach impacts 1 million patients (source)
- US healthcare provider data breach impacts 1 million patients (source)
- Globe Life data breach may impact an additional 850,000 clients (source)
- GrubHub data breach impacts customers, drivers, and merchants (source)
- HPE notifies employees of data breach after Russian Office 365 hack (source)