Questions tagged [data-leakage]

Data-leakage is the uncontrolled, unauthorized transmission of classified information from a data centre or computer system to the outside. Such leakage can be accomplished by physical removal of data storage devices (diskettes, tapes, listings, printouts and photographs of screen copies or handwritten notes) or by more subtle means such as data hiding (steganography) or even plain old human memory.

Data-leakage is the uncontrolled, unauthorized transmission of classified information from a data centre or computer system to the outside. Such leakage can be accomplished by physical removal of data storage devices (diskettes, tapes, listings, printouts and photographs of screen copies or handwritten notes) or by more subtle means such as data hiding (steganography) or even plain old human memory.

438 questions
16
votes
6 answers

Swap file may contain sensitive data

Is it possible that the swap file will contain chunks of data by a file you have accessed, and could this be detected during a forensics analysis? How could you prevent this situation ? Is using deep freeze or similar software a valid solution ?
opc0de
  • 697
  • 4
  • 7
  • 14
14
votes
2 answers

What sensitive information can be leaked in a Vim's swap file?

Often it occurs that when bulk uploading files somewhere, the author forgets that some of the files are being open by Vim and uploads their swap files as well. Can this leak some sensitive information, perhaps about the author's machine or network?
Petr
  • 517
  • 2
  • 10
9
votes
1 answer

I found emails and passwords on github, what should I do?

Content in question: I found a file in a public repository on Github that contains a few 100 emails, some of them with a password (as bcrypt). Verification: As I recognize several of the addresses, and know of the background of the file in question,…
mafu
  • 705
  • 5
  • 13
8
votes
3 answers

I found my user details on already old, leaked account information list

I came across an old (>3 years) accounts information list which has been leaked to the web. The list included thousands (>10.000) of account details from a service or services. Apparently the event was a small-scale news item back in the days, so…
user81980
  • 83
  • 1
  • 3
8
votes
2 answers

Are old API keys in git history a security vulnerability?

I recently made the mistake of leaking my Mailgun API key in an open-source GitHub project. I immediately invalidated it, but Mailgun support has asked me to take the additional step of deleting my GitHub repository. So far they have refused to…
BonsaiOak
  • 183
  • 4
5
votes
2 answers

Preventing information from leaving corporate network

How do you prevent confidential information from leaving the network? Nowadays online storage facilities are in abundance. e.g. Google Drive, One Drive, etc. Any employee can just upload sensitive information to these sites for storage. This is just…
JinPangPang
  • 1,951
  • 2
  • 17
  • 27
5
votes
1 answer

What information could be gained from an Amazon shipping label?

My family has a bad habit of recycling Amazon shipping boxes without taking out the labels. We have been doing this for the past year or so and have noticed a slight and steady increase in the amount of spam calls we have received at home. I am not…
yuritsuki
  • 538
  • 1
  • 5
  • 10
4
votes
4 answers

Is reading from prod to dev a security concern?

We have two environments, both of which have access to the same data sources. However, prod is locked down (reasonably so) while dev can be written/read by developers. Data flows from the source through the ETL process and end up in various places.…
3
votes
1 answer

Metadata leakage from security camera upload times

Picture the following: A server controlling security cameras has a script that takes stored footage, encrypts the files with GPG, and moves it into a cloud storage folder (Dropbox in this case). If an adversary compromised that account, what…
JvH
  • 33
  • 4
2
votes
0 answers

Historical locations of hacked data dumps

BMO and Simplii might have data dumps by now as cibc reported; "These ... profile will be leaked on fraud forum and fraud community as well as the 90,000 left if we don't get the payment before May 28 2018 11:59PM," What are the most likely…
user1133275
  • 191
  • 8
2
votes
2 answers

Information leak from chat group. How do we find out which user is sharing information?

My friend is part of a business of about 10 people that provide stock and share advice to paying members in a Telegram group. It's a quite expensive pay monthly group of loyal enough customers who benefit from the group's secrecy and so a leak…
hydroxy
  • 29
  • 1
  • 2
2
votes
2 answers

If a hacker steals data i keep on a server, can i be held liable by the UK data protection act?

While writing an essay I came up with this question. If a hacker steals data I keep on a server, can I be held liable by the UK data protection act? Example, I have customers address' on my server and I believe to have taken the correct precautions…
1
vote
1 answer

Data classification and data leak prevention

We have several levels of data classification such as secret, confidential, etc for documents. To prevent leakage of such sensitive information to the outside, I am considering using a DLP solution. However, I don't really understand the mechanics…
dorothy
  • 725
  • 1
  • 9
  • 19
1
vote
1 answer

What's this type of leak detection method called?

Suppose I want to figure out which of a group of people is distributing my content without authorization. So I create several different versions of the same content, each with a unique watermark embedded. Then, when I come across a pirate copy of…
user55039
  • 11
  • 1
1
vote
2 answers

Discovered someone else's huge data breach, what should I do?

I bought an old Apple Xserve on ebay. The seller was a used computer reseller, not the original owner of the server/data. The server's hard drives were wiped and had no OS on them, but they did have one odd named folder. Turns out that folder…
l008com
  • 111
  • 4
1
2