"Breaches involving government entities may be politically motivated, such as the 2022 compromise of the Presidency of Moldova's email server or the 2024 compromise of Moldova's parliamentary email servers just days before the country's presidential election. Other incidents may be due to human error or may be financially motivated. In Part 1, DataBreaches describes a data exposure vulnerability with Moldova's job application portal. In Part 2, DataBreaches reports on a dark web listing of data allegedly hacked from Moldova's energy compensation portal."
"On February 5, DataBreaches was contacted via Signal by someone who claimed the job applicant portal was exposing job applicants' personal information. Ionatan Andronachi claimed he had found 7,758 folders containing names, addresses, phone numbers, postal and email addresses, citizenship status, government IDs, medical 0-86 forms, certificates, diplomas, military service books, work recommendation letters, criminal records, CVs, and other personal and employment information.There were nearly 19,000 JSON files."
Breaches involving government entities can be politically motivated, caused by human error, or financially driven. Moldova's cariere.gov[.]md job application portal left applicants' personal information vulnerable for years. On February 5, a Signal message reported the portal was exposing applicants' personal data. Ionatan Andronachi reported finding 7,758 folders containing names, addresses, phone numbers, postal and email addresses, citizenship status, government IDs, medical 0-86 forms, certificates, diplomas, military service books, recommendation letters, criminal records, CVs, and nearly 19,000 JSON files. No password was required to access the data; accessing folders required only manipulating a URL number. Andronachi provided government correspondence and later received a response from the cybersecurity agency (STISC).
Read at DataBreaches.Net
Unable to calculate read time
Collection
[
|
...
]