Questions tagged [data-leakage]

Data-leakage is the uncontrolled, unauthorized transmission of classified information from a data centre or computer system to the outside. Such leakage can be accomplished by physical removal of data storage devices (diskettes, tapes, listings, printouts and photographs of screen copies or handwritten notes) or by more subtle means such as data hiding (steganography) or even plain old human memory.

438 questions

votes

6 answers

Swap file may contain sensitive data

Is it possible that the swap file will contain chunks of data by a file you have accessed, and could this be detected during a forensics analysis? How could you prevent this situation ? Is using deep freeze or similar software a valid solution ?

data-leakage

asked Jan 19 '13 at 18:37

opc0de

votes

2 answers

What sensitive information can be leaked in a Vim's swap file?

Often it occurs that when bulk uploading files somewhere, the author forgets that some of the files are being open by Vim and uploads their swap files as well. Can this leak some sensitive information, perhaps about the author's machine or network?

data-leakage

asked Aug 21 '14 at 12:48

Petr

votes

1 answer

I found emails and passwords on github, what should I do?

Content in question: I found a file in a public repository on Github that contains a few 100 emails, some of them with a password (as bcrypt). Verification: As I recognize several of the addresses, and know of the background of the file in question,…

data-leakage

asked May 07 '16 at 21:11

mafu

votes

3 answers

I found my user details on already old, leaked account information list

I came across an old (>3 years) accounts information list which has been leaked to the web. The list included thousands (>10.000) of account details from a service or services. Apparently the event was a small-scale news item back in the days, so…

data-leakage

asked Jul 28 '15 at 07:22

user81980

votes

2 answers

Are old API keys in git history a security vulnerability?

I recently made the mistake of leaking my Mailgun API key in an open-source GitHub project. I immediately invalidated it, but Mailgun support has asked me to take the additional step of deleting my GitHub repository. So far they have refused to…

data-leakage

asked Jan 19 '18 at 22:54

BonsaiOak

votes

2 answers

Preventing information from leaving corporate network

How do you prevent confidential information from leaving the network? Nowadays online storage facilities are in abundance. e.g. Google Drive, One Drive, etc. Any employee can just upload sensitive information to these sites for storage. This is just…

data-leakage

asked Aug 22 '15 at 07:01

JinPangPang

1,951
2
17
27

votes

1 answer

What information could be gained from an Amazon shipping label?

My family has a bad habit of recycling Amazon shipping boxes without taking out the labels. We have been doing this for the past year or so and have noticed a slight and steady increase in the amount of spam calls we have received at home. I am not…

data-leakage

asked Jan 16 '15 at 23:37

yuritsuki

votes

4 answers

Is reading from prod to dev a security concern?

We have two environments, both of which have access to the same data sources. However, prod is locked down (reasonably so) while dev can be written/read by developers. Data flows from the source through the ETL process and end up in various places.…

data-leakage

asked Jan 21 '16 at 20:40

Carlos Bribiescas

votes

1 answer

Metadata leakage from security camera upload times

Picture the following: A server controlling security cameras has a script that takes stored footage, encrypts the files with GPG, and moves it into a cloud storage folder (Dropbox in this case). If an adversary compromised that account, what…

data-leakage

asked Sep 13 '15 at 06:41

JvH

votes

0 answers

Historical locations of hacked data dumps

BMO and Simplii might have data dumps by now as cibc reported; "These ... profile will be leaked on fraud forum and fraud community as well as the 90,000 left if we don't get the payment before May 28 2018 11:59PM," What are the most likely…

data-leakage

asked May 29 '18 at 22:57

user1133275

votes

2 answers

Information leak from chat group. How do we find out which user is sharing information?

My friend is part of a business of about 10 people that provide stock and share advice to paying members in a Telegram group. It's a quite expensive pay monthly group of loyal enough customers who benefit from the group's secrecy and so a leak…

data-leakage

asked Jan 25 '18 at 22:01

hydroxy

votes

2 answers

If a hacker steals data i keep on a server, can i be held liable by the UK data protection act?

While writing an essay I came up with this question. If a hacker steals data I keep on a server, can I be held liable by the UK data protection act? Example, I have customers address' on my server and I believe to have taken the correct precautions…

data-leakage

asked Jan 12 '17 at 15:52

Alex Wilson

vote

1 answer

Data classification and data leak prevention

We have several levels of data classification such as secret, confidential, etc for documents. To prevent leakage of such sensitive information to the outside, I am considering using a DLP solution. However, I don't really understand the mechanics…

data-leakage

asked Feb 11 '15 at 10:11

dorothy

vote

1 answer

What's this type of leak detection method called?

Suppose I want to figure out which of a group of people is distributing my content without authorization. So I create several different versions of the same content, each with a unique watermark embedded. Then, when I come across a pirate copy of…

data-leakage

asked Sep 05 '14 at 17:51

user55039

vote

2 answers

Discovered someone else's huge data breach, what should I do?

I bought an old Apple Xserve on ebay. The seller was a used computer reseller, not the original owner of the server/data. The server's hard drives were wiped and had no OS on them, but they did have one odd named folder. Turns out that folder…

data-leakage

asked Nov 24 '18 at 11:45

l008com

2 Next