Submitted via IRC for SoyCow4408
The makers of Sitter, a popular app for connecting babysitters with parents, have involuntarily exposed the personal details of over 93,000 users.
The exposure took place last week and was caused by a MongoDB database left exposed on the Internet with no credentials.
Independent security researcher Bob Diachenko discovered the database. He told Bleeping Computer that he spotted the database on August 14, when he immediately reported the issue to the Sitter app makers. The Sitter team secured the database on the same day of the report, Diachenko said.
The database was previously indexed on Shodan, a search engine for Internet-connected devices, a day earlier, on August 13.
Source: https://www.bleepingcomputer.com/news/security/mongodb-server-exposes-babysitting-apps-database/
(Score: 2) by c0lo on Monday August 27 2018, @10:10AM
You know very well the answers.
There's no penalty for the executives and managers for private data breaches (especially in development stages) but there's a large penalty if they don't hit the on-time/on-budget targets, quarter after quarter. Minute things that defocus them will soon become out-of-sight out-of-mind - if something nasty happens, a hypocritical apology and promises it won't happen again it's all that's necessary and it's cheap.
This is where things like GDPR help.
No, stop speaking of 'market forces' and competition. Those things died with the notion of customers.
Nowadays, consumers are subhuman things, with short attention span (demanding jobs take care of that), which only need to be locked in, subjected to planned obsolescence and milked as much as possible (specifically, young mothers in this case - grin) Especially when they'll drop our product anyway when the kids no longer need babysitting.
https://www.youtube.com/watch?v=aoFiw2jMy-0 https://soylentnews.org/~MichaelDavidCrawford