Once again, we've rounded up two information security incidents worth knowing about with a short report to keep you informed.
Let's start our review with the incident of leaking data from a website of the International Film Festival of India (IFFI).
IFFI is one of the largest film festivals in Asia, providing one of major cinema event. It has been held annually since 1975. This year's festival will take place from 20 to 28 November, with registration started in September.
Information on those who already registered for the festival was exposed. This happened because the file storage with files was publicly available via a specific URL. Theoretically, anyone could access the personal information of those, who have applied for the festival. The exposed information included:
- Government ID
- Phone numbers
- Addresses
- Dates of birth
- Registrant's portfolio or filmography.
Allegedly, after notifying IFFI of the vulnerability, access to the repository was closed.
Let's move on to the leak of data on 9 million people. The Nippon Telegraph and Telephone Corporation, a Japanese telecommunication holding company, reported an incident in which the former temporary employee of a subsidiary illegally accessed the following information over a period of 10 years:
- Names
- Addresses
- Telephone numbers
- Credit card details in some cases.
The data was stored on the call center system server and it is believed that a suspected employee responsible for operating and maintaining the call center system took the information out of the company using a USB stick.
The investigation revealed that the server wasn’t protected appropriately and that the data was freely accessible.
Osaka police enforcements are currently investigating the incident. The company is said to have recognized weaknesses in its data management.
To gain confidence in your organization’s information security and avoid similar incidents, use our Risk Monitor. It can help protect your company from financial and reputational losses due to internal threats.
Subscribe to get helpful articles and white papers.
We discuss industry trends and give advice on how to deal with data leaks and cyber incidents.
SearchInform uses four types of cookies as described below. You can decide which categories of cookies you wish to accept to improve your experience on our website. To learn more about the cookies we use on our site, please read our Cookie Policy.
Necessary Cookies
Always active. These cookies are essential to our website working effectively.
Cookies does not collect personal information. You can disable the cookie files
record
on the Internet Settings tab in your browser.
Functional Cookies
These cookies allow SearchInform to provide enhanced functionality and personalization, such as remembering the language you choose to interact with the website.
Performance Cookies
These cookies enable SearchInform to understand what information is the most valuable to you, so we can improve our services and website.
Third-party Cookies
These cookies are created by other resources to allow our website to embed content from other websites, for example, images, ads, and text.
Please enable Functional Cookies
You have disabled the Functional Cookies.
To complete the form and get in touch with us, you need to enable Functional Cookies.
Otherwise the form cannot be sent to us.
Subscribe to our newsletter and receive a bright and useful tutorial Explaining Information Security in 4 steps!
Subscribe to our newsletter and receive case studies in comics!