In the News

These are some of my notable discoveries that have appeared in the media. In 15 years there are too many to list.

184 Million logins and passwords exposed: Wired, FOX

Medical Marijuana Data Breach: NPR

Rail station wi-fi provider exposed traveler data (Free WiFi is not free): BBC

Celebrities Found in Unprotected Real Estate Database Exposing 1.5 Billion Records: Security Week

Additional discoveries include:

NetcoreCloud — ~40 billion records exposed (marketing/email data platform).

ClaimPix — ~5.1 million files (auto insurance claims docs incl. PII, VINs, POAs).

Navy Federal Credit Union (backup exposure): 378GB of internal backup data (keys/hashed passwords/metadata).

Archer Health / Archer Home Health — ~145k healthcare records/files exposed.

Hello Gym — ~1.6 million recorded calls/voicemails exposed (member PII in audio/messages).

Ohio Medical Alliance / “Ohio Marijuana Card”: 957,434 records (IDs, PHI/PII, SSNs in physician forms). Listed above.

IMDataCenter: 38GB of files (CSV/PDF) exposing large volumes of PII.

Propertyrec / SL Data Services: 644,869 PDF files (background checks, vehicle/property records, extensive PII).

“Suspected infostealer” credential dump: 184,162,718 logins/passwords exposed in an open DB. Listed above.

Lost and Found Software (airports): 820,750 records exposed (multi-airport lost & found tracking).

Vroom by YouX (Australia fintech) — ~27,000 records (IDs/bank docs/PII).

DreamHost / DreamPress: 814 million records exposed (customer/user-related data over time).

DM Clinical Research (clinical trials) — ~1.67 million clinical trial/survey records exposed (PHI/PII).

ogezy — nearly 8 million records (marketing/CRM-type data exposure).

TicketToCash: 520,054 records (ticket resale platform docs/PII).

Rockerbox — tax credit consultancy exposure (PII/IDs/SSNs referenced).

PrepHero: 3,154,239 records (student-athletes/coaches; passport images mentioned).

SABO (fashion brand): 3,587,960 records (invoices/shipping/returns w/ PII).

Care1 (Canada healthtech/eyecare): 4.8+ million medical records exposed.

Rapid Legal: 38.6 million records (legal services support docs; partial card details/PII).

Raptor Technologies (school safety software) — ~4 million records (highly sensitive student/safety info).

iCabbi (taxi dispatch) — nearly 300k passengers’ PII exposed (UK/Ireland).

Smoke Alarm Solutions (Australia) — ~762,856 documents exposed (customer invoices/inspections/etc.).

Election/voter tech contractor (Illinois county + others suspected): 4.6 million election-related docs across 13 databases.

Real Estate Wealth Network: 1.5 billion records (real-estate ownership/wealth data exposure).

Really Simple Systems (CRM provider): 3+ million records (client files/invoices/comms).

Forces Penpals (military dating/social): 1.1+ million records exposed.

ChoiceDNA (facial DNA / biometric uploads) — ~8,000 biometric images/metadata docs exposed.

Confidant Health (telehealth mental health/addiction): 5.3TB exposed (therapy-related files/logs; highly sensitive).

UN Trust Fund to End Violence against Women (UN Women association) — ~115,000 records/documents exposed.

SuperVPN: 360+ million records exposed (free VPN-related).

and many, many more…