The IT Nerd

The Safety Detectives team has discovered an unprotected database containing approximately 7,000 records linked to DomeWatch, the U.S. House Democrats’ official online resume bank.

The exposed data included names, email addresses, phone numbers, security clearance levels, political affiliations, congressional experience, and more. 

Among the records, 469 individuals were listed with “top secret” federal security clearance, and over 4,000 indicated prior congressional experience.

This kind of exposure poses significant privacy and security risks, including potential identity theft, phishing, and social engineering targeting individuals connected to U.S. government operations.

The full report can be found here: https://www.safetydetectives.com/news/domewatch-breach-report/

Safety Detectives has conducted recently based on how apps designed for children invade their privacy. While conducting our research they identified some concerning privacy related points such as:

• 70% of the reviewed apps collect identifiers, data usage and biometric information, often without parental consent.
• Several apps openly admit sharing kids’ data for marketing and ad tracking.
• To date, regulators have issued over $1 billion in penalties for children’s privacy violations.
• Some apps had conflicting disclosures across platforms.

 You can check the full report here: https://www.safetydetectives.com/blog/blog-kids-apps-privacy-research/

The Safety Detectives have just published a report with the results of a research we’ve recently conducted focused on the recent leak of thousands of ChatGPT conversations.

While conducting our research they identified some concerning privacy related key points such as:

• Users are sharing personally identifiable information (PII), sensitive emotional disclosures, and confidential material with ChatGPT.
• Only around 100 out of 1,000 total chats make up 53.3% of the over 43 million words we analyzed.
• Some users are sharing full resumes, suicidal ideation, family planning discussions, and discriminatory speech with the AI model.
• “Professional consultations” account for nearly 60% of the topics flagged.

You can check their full report here: https://www.safetydetectives.com/blog/chatgpt-leaks/

Safety Detectives has just completed a research project that focuses on the differences in storage footprints between the top 50 most-downloaded applications on the iOS App Store and their Android counterparts.

Among their many findings:

• On average, an iOS app is twice the size of its Android counterpart.
• Apple includes more assets in the base app package while Android apps can split their components into smaller, on-demand modules.
• After installation and regular use, Android apps grow an average of almost twice the size of their iOS counterparts.
• Google Gemini has the largest proportional difference, being roughly 40 times larger on iOS.

You’ll find their full research here: https://www.safetydetectives.com/blog/app-storage-usage-research/

The Safety Detectives recently tested how often Google tracks users online (even when using privacy tools) across four countries. The key findings are:

• In some US tests, Google trackers were present on 100% of websites visited.
• Google Analytics appeared on 53% of pages with Google Search, versus just 17% with DuckDuckGo in privacy-focused countries.
• Wikipedia and TikTok triggered almost zero Google tracking, while YouTube/product searches triggered multiple trackers.

You can read their report on this here.

Recently, the SafetyDetectives Cybersecurity Team stumbled upon a forum post where a threat actor has offered for sale a database containing 61 million records allegedly belonging to Verizon USA. 

According to the threat actor’s claims, the dataset comprises 3.1 GB of Verizon USA customers information and it’s as recent as 2025. Upon reviewing a sample of the data, we observed full names, gender, dates of birth, tax IDs, full addresses, two phone numbers per customer, and more. 

This information is highly sensitive and could be exploited by malicious actors to carry out various types of attacks on the affected individuals. 

Their full report can be accessed here: https://www.safetydetectives.com/news/verizon-leak-report/

The Safety Detectives Cybersecurity Team stumbled upon a forum post where a threat actor has shared a database containing 10,000 records allegedly belonging to VirtualMacOSX.

According to the author’s claims, the data consists of 10,000 records. While reviewing the data set we could see Customer’s Full name, Company name, Email, Full physical address, Phone number, Password, Password reset key, Customers’ financial data such as Bank name, Bank code, Bank account and more.

This data is sensitive because it could be used by malicious actors to prepare and execute various types of attacks on the affected customers.

Their full report can be accessed here: https://www.safetydetectives.com/news/vmosx-leak-report/

Recently, the Safety Detectives Team stumbled upon a forum post where a threat actor has listed a database containing 32 Million records allegedly belonging to The Epoch Times.

According to the author’s claims, the data consists of 32 million records, containing The Epoch Times subscribers’ usernames, full names, phone numbers, credit card numbers, card expiration dates, billing addresses, invoices, emails, devices, and locations.

This data is sensitive because it could be used by malicious actors to prepare and execute various types of attacks on the affected customers.

Their full report can be accessed here: https://www.safetydetectives.com/news/epoch-leak-report/

The research team at SafetyDetectives just updated one of their past studies, where they explore countries around the world to see which are the safest and most dangerous for women, in terms of the number of crimes committed against them and the laws protecting them.

Key findings at a glance:

• On average, 80% of women are victims of sexual harassment at some point in their lifetime. Furthermore, 1/3 of women around the world have experienced physical and/or sexual violence. 
• According to their research, the top most dangerous countries for women are South Africa and Sweden. On the other hand, the safest countries are considered to be Japan, Poland, Bosnia and Herzegovina.
• Just in the United States data shows that, 50% of native women have reported being stalked while 56% have experienced sexual violence in their lifetime.
• In the EU, 43% of women have endured psychologically abusing or controlling behavior from their partner.

Ultimately, violence against women is not a geographically isolated phenomenon; it’s a problem all over the world, even in places that are relatively safer than others. And even those of us who do feel safe have a moral responsibility to help those that do not, for any reason and at any time.
You can access their report here: https://www.safetydetectives.com/blog/womens-safety-research/

The research team at SafetyDetectives just finished up a really interesting study, where they explore how phishing scams have transformed over time, especially with the advent of AI technology, highlighting the growing sophistication and challenges these scams pose to digital security.

Key findings at a glance:

• On average, it takes a user around 60 seconds to fall for a phishing scam and over the past three years, deepfake attacks have increased by 2,137%, rising from 0.1% to 6.5% of all fraud attempts detected.
• 2023 was the worst year on record for phishing attacks, with nearly five million incidents reported.
• In the third quarter of 2024, the most popular free email client used in BEC attacks was Google’s Gmail, accounting for 83.1% of all free email accounts set up by scammers.
• AI-generated phishing emails have an open rate of about 78%, with 21% of recipients clicking on harmful links or attachments within the email. Furthermore, generative AI tools can speed up the process of engineering phishing attacks by at least 40%.

As phishers continue to adapt their tactics, individuals and organizations alike need to stay vigilant and implement robust security measures to protect against these ever-evolving threats. By staying informed and proactive, we can reduce the impact of phishing scams and make our digital lives safer.

You can access the report here: https://www.safetydetectives.com/blog/phishing-metrics-research/