Breach, Governance, Risk and Compliance, Compliance Management, Security Architecture

Data leaks prevalent in online site forms

Share

BleepingComputer reports that nearly 3% of 2.8 million pages included in the 100,000 top ranking websites worldwide have been found to leak information entered in site forms including usernames, email addresses, passwords, and personal identifiers to third-party trackers prior to submission. Through a DuckDuckGo Tracker Radar Collector-based crawler, university researchers found that 2,950 and 1,844 websites were observed to enable email address exfiltration prior to form submission when visited from the U.S. and Europe, respectively, while 52 websites had similar password collection mechanisms, which have been remedied after being notified by the researchers. The report also showed that LiveRamp had trackers collecting email addresses in 662 sites, while Taboola, Verizon, and Adobe's Bizible had email-exfiltrating trackers in 383, 255, and 199 websites, respectively. Moreover, Yandex had the most number of trackers for password collection. Disparities in reported trackers in the U.S. and EU stems from the existence of GDPR laws that apply stricter data protections for individuals in the EU, according to researchers.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.