As Scale AI seeks to reassure customers that their data is secure following Meta's $14.3 billion investment, leaked files and the startup's own contractors indicate it has some serious security holes.
Scale AI routinely uses public Google Docs to track work for high-profile customers like Google, Meta, and xAI, leaving multiple AI training documents labeled "confidential" accessible to anyone with the link, Business Insider found.
Contractors told BI the company relies on public Google Docs to share internal files, a method that's efficient for its vast army of at least 240,000 contractors and presents clear cybersecurity and confidentiality risks.
Scale AI also left public Google Docs with sensitive details about thousands of its contractors, including their private email addresses and whether they were suspected of "cheating." Some of those documents can be viewed and also edited by anyone with the right URL.
Cybersecurity researchers are analyzing about 200,000 messages from inside the high-profile Black Basta ransomware operation that were leaked recently.
[Article mis à jour le 19 novembre 2024 à 17h40] Un cybercriminel a mis en ligne, mardi, une base de données contenant les informations hospitalières et personnelles de plus de 750 000 personnes. Celui-ci revendique une fuite de données du logiciel de gestion médicale Mediboard.
Read the blog to learn about ServiceNow’s Knowledge Base data exposure risks and how to mitigate these issues.
The residents of Dumfries and Galloway are being warned their data was likely compromised in a February ransomware attack on the National Health Service (NHS).
The Real World, a learning platform from the controversial social media personality Andrew Tate, has leaked nearly a million users and over 22 million messages.
Hundreds of thousands of exposed users, millions of messages, and session tokens – that’s the reality that The Real World finds itself in.
The Cybernews research team has uncovered an exposed MongoDB instance with 88GB from one of The Real World’s servers.
Datasport, prestataire de services suisse pour les événements sportifs, a été victime d'une attaque informatiq
Malgré une alerte lancée en juillet, Berne n’a rebouché qu’en novembre un accès à la maquette d’un portail destiné aux entreprises, EasyGov.
The Boeing Company, a jetliner manufacturer and US defense contractor, had the company’s data leaked by the LockBit ransomware gang. So far, around 50 gigabytes of compressed data was uploaded LockBit's dark web blog.
LockBit has allegedly started leaking data that the gang stole from Boeing in late October. The Cybernews research team noted there's around of 50 GB of supposedly Boeing's data. Bulk of the data appears to be various backups.
The FBI is investigating a data breach where cybercriminals were able to steal patients’ records from a Las Vegas plastic surgeon's office and then publish them online.
A software repository on GitHub dedicated to supplying open-source code and AI models for image recognition was left open to manipulation by bad actors thanks to an insecure URL.
Oil giant Shell said it is investigating after a security researcher found an exposed internal database spilling the personal information of drivers who use the company’s electric vehicle charging stations.
This time, SuperVPN has exposed a whopping 133 GB of data, including personal details of its unsuspecting users, such as IP addresses.
The Lapsus$ data extortion group leaked today a huge collection of confidential data they claim to be from Samsung Electronics, the South Korean giant consumer electronics company.
A Ukrainian cybersecurity researcher has released a huge batch of data that came from the internal systems of the Conti ransomware gang. The researcher released the
