The IT Nerd

A data breach involving DM Clinical Research — a Texas-based network of clinical trial sites — was discovered and reported to Website Planet by cybersecurity researcher Jeremiah Fowler.

What happened:

A non-password-protected database containing nearly 1.6million records was exposed. The leaked data includes PII and PHI, such as names, physical and email addresses, phone numbers, vaccine details, medical conditions, and more.

Why it matters:

The exposure of personal and medical data raises serious privacy concerns, potentially leading to identity theft, phishing attacks, extortion attempts, or unauthorized use of sensitive health information.

Read the report here: https://www.websiteplanet.com/news/dmclinicalresearch-report-breach/

The WebsitePlanet team has analyzed global workforce trends and their role in driving the adoption of automation and AI, aiming to inform how these shifts are shaping the future of work.

Key findings at a glance:

• According to the UN, workforce challenges due to an aging population will not be limited to developed countries; many developing economies are projected to experience similar struggles in the coming decades.
• China leads in industrial automation and AI adoption among the selected high-growth markets, while countries like India and Brazil are gradually automating sectors like agriculture and manufacturing.
• Goldman Sachs projects that broad AI adoption could raise global GDP by up to 7% annually over a 10-year period, due to productivity gains.

However, while AI is transforming industries and the workforce, these advancements also bring challenges, including potential job displacement and increased unemployment, particularly in sectors vulnerable to automation.

You can access the report here: https://www.websiteplanet.com/blog/blog-automation-ai-and-labor-research

A data breach involving SL Data Services/Propertyrec — an Information Research Provider — was discovered and reported to WebsitePlanet by cybersecurity researcher Jeremiah Fowler. 

What happened: 

A non-password-protected database containing more than 600K records was exposed. The leaked data includes PII, real estate data, court records, vehicle records (license plate and VIN), background check documents and more. 

Why it matters: 

A potential concern is targeted phishing or social engineering attacks, where a criminal could impersonate an individual whose personal information was exposed in a background check document. 

Read their detailed report here: https://www.websiteplanet.com/news/propertyrecs-breach-report/

A data breach involving Alltech Consulting Services — which matches global job seekers with employers in the US and Canada — was discovered and reported to WebsitePlanet by cybersecurity researcher Jeremiah Fowler. 

What happened: 

A non-password-protected file containing 2 million records of 200,000 tech job seekers was exposed. The leaked data includes personally identifiable information like partial SSNs, passport numbers, emails, phone numbers, and visa/green card status. 

Why it matters: 

This could lead to identity theft, employment fraud, and phishing attacks. In the wrong hands, it provides criminals a list of high-value targets for scams. 

To learn more, read the detailed report here:https://www.websiteplanet.com/news/alltechconsultinginc-breach-report/

WebsitePlanet recently completed a comprehensive analysis of Terms of Service (ToS) and Privacy Policies (PP) across 57 influential digital platforms. Their aim is to empower readers with the knowledge they need to make informed choices and advocate for stronger user protections.

According to our research:

• 80% of companies provide vague terms around data retention, allowing indefinite data storage with limited user control. Only Apple stood out positively for its privacy protections.
• Approximately 61% of companies including Google, PayPal, Temu, and Tesla don’t specify their security measures for payment information, raising concerns about their protection of financial transactions.
• No companies granted users full ownership of content without major licensing requirements, raising questions about user rights over their own content on these platforms.
• Alarmingly, 90% of companies offer minimal protections for children’s data, an area where stronger, more specific policies are needed to safeguard younger users.

Why it matters:

Their findings reveal that while these agreements serve the interests of the companies, they often compromise user rights, privacy, and control. Mandatory arbitration clauses, for example, limit users’ legal options, often favoring corporate over consumer interests. They believe these findings can spark vital conversations about regulatory reforms and user advocacy.

You can access the detailed report here: https://www.websiteplanet.com/blog/research-what-users-should-know-about-terms-of-service/

There’s been a significant data breach involving TrackMan, a well known sports tech provider offering swing and shot analysis for golf, baseball, and tennis players. 

What happened: 

A database with 31 million records was left unprotected, exposing personal information such as names, emails, IP addresses, and more. 

Why it matters: 

This breach could lead to targeted spam, malware distribution or phishing attempts. Professional athletes are at higher risk due to their status. 

For more details on the breach and potential risks, please read this report: https://www.websiteplanet.com/news/trackman-breach-report/

A data breach involving FleetPanda (FuelPanda), a software and technology company providing services and support for the petroleum and fuel industry, was discovered and reported to WebsitePlanet by cybersecurity researcher Jeremiah Fowler. 

What happened: 

A non-password-protected database containing 780,000 records, including invoices, driver applications, images of driver licenses, and background checks with PII, was exposed. 

Why it matters: 

The exposure of internal documents poses a significant risk for invoice fraud, where criminals could trick organizations into paying fraudulent invoices by posing as legitimate vendors or suppliers. Additionally, personal data and documents could be exploited for identity theft, financial fraud, social engineering phishing attacks and more cyber threats. 

If you want to understand what was at stake and the risks of leaving such information exposed, you can find their report with more details here: https://www.websiteplanet.com/news/fleetpanda-breach-report/

Cybersecurity researcher Jeremiah Fowler recently uncovered a data breach involving nearly 32 million records from ServiceBridge (by GPS Insight), a global field service management provider based in the USA. The breach exposed documents containing personally identifiable information (PII) such as names, physical addresses, email addresses, and even HIPAA patient consent forms.

If you’d like to understand more about the risks and implications of this breach, you can read his full report here: https://www.websiteplanet.com/news/servicebridge-breach-report/