The IT Nerd

Website Planet has just published a report about a significant data breach involving Invoicely, a global billing and accounting platform.

What happened:

Cybersecurity researcher Jeremiah Fowler discovered a non-password-protected database containing nearly 180k records in XLSX, CSV, PDF, and various image formats. The exposed files included personally identifiable information (PII) such as names, physical addresses, phone numbers, tax ID numbers, and other sensitive details from service providers, partners, employees, and customers around the world.

Why it matters:

The exposure of names, email addresses, physical addresses, phone numbers, tax IDs, and financial account information presents a serious risk. This type of data can be exploited by cybercriminals for identity theft, financial fraud, spear-phishing, and social engineering attacks, among other threats.

You can read the full report here: https://www.websiteplanet.com/news/invoicely-breach-report/

A data breach involving Rainwalk, a South Carolina–based pet insurance provider was discovered and reported to Website Planet by cybersecurity researcher Jeremiah Fowler.

What happened:
A database containing 85,361 files totaling 158 GB was left unsecured. The leaked data included customer names, phone numbers, email and physical addresses, email files, claims files, veterinary bills, and more.

Why it matters:
This type of exposure poses serious risks, such as spear-phishing and social engineering attempts targeting insurance customers using real claims or account data and more.

Read the full report here: https://www.websiteplanet.com/news/rainwalk-pet-insurance-breach-report/

Website Planet has published a study which explores how paywalls have evolved beyond news media to become the internet’s default business model, shaping digital content, SaaS, streaming, and even academic publishing.

Among our key findings:

• Paywalls surged in the 2010s (120 new launches) but appear to have stagnated in the 2020s.
• Hard paywalls dominate, with 50% of services relying on this model.
• Nearly half (46.03%) of freemium models are in the software/SaaS sector.
• Pay-per-view is rare overall, but 65% of academic journals with paywalls use it.

You can check their full research here: https://www.websiteplanet.com/blog/2025-paywall-index-a-data-driven-study-across-industries/

A data breach affecting a home healthcare provider Archer Health Inc, was discovered and reported to Website Planet by cybersecurity researcher Jeremiah Fowler.

What happened:
A non-password-protected database containing 145,000 files and totaling 23 GB was left exposed. The leaked files included assessments, home health certifications, plan of care documents, patient ID numbers, SSNs, physical addresses, phone numbers, and more

Why it matters:
The exposure of personal and medical data poses serious risks, including identity theft, fraud, and possible financial exploitation, misuse of sensitive identifiers like SSNs, patient IDs, or contact information. Significant medical privacy and compliance risks, as the public exposure of medical conditions, treatments, and Medicare or VA records could lead to potential HIPAA violations.

Read the detailed report here: https://www.websiteplanet.com/news/archer-health-breach-report/

Recently, cybersecurity researcher Jeremiah Fowler discovered and reported to Website Planet an unprotected database belonging to a US-based auto insurance platform.

What happened:

The exposed database contained over 5 million records totaling 10.7 TB and exposed PII contained in power of attorney documents, registration documents, repair estimates, invoices, vehicle registrations, insurance policy or claims information, images of damaged vehicles identifying license plates, VIN numbers, and more.

Why it matters:

This discovery highlights serious privacy concerns and exposes customers to the risk of spear-phishing and social engineering attempts to gain additional information that could potentially be used for identity theft, impersonating individuals, or other financial crimes and potential for insurance or automotive ID fraud.

You can read the full report here: https://www.websiteplanet.com/news/claimpix-breach-report/

Recently, cybersecurity researcher Jeremiah Fowler discovered and reported to Website Planet a non-password-protected database containing over 1.6 million audio files linked to Hello Gym, a gym communications platform who partners with some of the biggest gym franchises in the US.

What happened:
The database contained 1,605,345 audio files of phone recordings and voicemails accessible without any password protection. A limited review of the files revealed internal phone calls and messages that included gym members’ names, phone numbers, and reasons for the calls which raises concerns about the sensitivity of the exposed information.

Why it matters:
Audio recordings that contain personal details can be used for spear-phishing or social engineering attacks, impersonation, identity theft and more.

You can read the full report here: https://www.websiteplanet.com/news/hello-gym-breach-report/

Recently, cybersecurity researcher Jeremiah Fowler discovered and reported to WebsitePlanet an unprotected and unencrypted database belonging to Ohio Medical Alliance LLC, a U.S.-based organization that assists individuals in obtaining physician-certified medical marijuana cards.

What happened:

The exposed data was accessible to anyone with an internet connection and included personally identifiable information (PII) such as names, dates of birth, Social Security numbers, physical addresses, and identification documents like driver’s licenses. It also held private health records, intake and evaluation forms, and medical release documents, many with sensitive medical and financial information.

Why it matters:

This type of exposure poses serious privacy and security risks, including identity theft, medical fraud, and targeted phishing or social engineering attacks.

You can find the full report here: https://www.websiteplanet.com/news/ohio-medical-alliance-breach-report/

 Website Planet has just posted research that focuses on six decades of global tech outage data to reveal the patterns behind these breakdowns — their root causes, common oversights, and the rising financial losses of simple errors.

Among their findings, they identified the following as key:

• 5 root causes account for nearly 90% of all major outages due to preventable errors.
• Microsoft leads in repeated failures with 8 major outages.
• Cloud and SAAS saw the most failures, followed by financial services.
• 184 major tech outages caused over $167 billion in losses.

You’ll find all the details to their findings here:  https://www.websiteplanet.com/blog/global-tech-outages-research/

Recently, cybersecurity researcher Jeremiah Fowler discovered and reported to WebsitePlanet an unencrypted and non-password-protected database believed to belong to IMDataCenter, a Florida-based company offering data enhancement solutions for marketing and identity management.

What happened:
The publicly exposed database contained 10,820 records, totaling 38 GB. Most of the files were large CSV spreadsheets and PDFs containing names, physical addresses, phone numbers, email addresses, and other potentially sensitive information. File names suggested the data was used for sales and marketing purposes across several industries including insurance, healthcare, elections, and car warranties.

Why it matters:
This kind of exposure poses serious privacy risks. Data like this can be exploited for phishing scams, identity theft, financial crimes or other fraudulent activities.

You can read the full report here: https://www.websiteplanet.com/news/imdatacenter-breach-report/

Website Planet has a report regarding their most recent content creator research.

Content creation offers visible economic rewards for the select few but most creators struggle to turn their passion into sustainable income. Some of their key findings:

• Entertainment drives viral reach of the top 56% of the most popular creators.
• Gender disparities continue, with women occupying only 34% of the top creators’ spots
• Over 90% of top creators have created their own merchandise lines.
• 10 out of the 15 creators included in their analysis ranked in the top 10 more than once.

The full report can be found here: https://www.websiteplanet.com/blog/top-streamers-research/