Thousands of Hapn customer data exposed by website bug

December 19, 2024

Smartphone with map, 3D Map pins, GPS, navigator pin checking points, 3D World Map icon, technology and application mobile smart phone with mobile, delivery tracking, transportation, generate by AI

(Adobe Stock)

Hapn, a GPS tracking company formerly known as Spytec, was discovered by a security researcher to be impacted by a website vulnerability that resulted in the inadvertent exposure of data from more than 8,600 GPS trackers, reports TechCrunch.

Information that could be accessed through Hapn account logins and browser developer tool usage included not only the IMEI numbers for the GPS trackers' SIM cards but also the names and business affiliations of the organizations and individuals owning or being monitored by the trackers, according to the security researcher, who noted the absence of any location details in the leaked data that they discovered after reading online reviews that recommended the use of Hapn's trackers for surveilling spouses. Such an issue has not yet been acknowledged by Hapn while people whose names and affiliations have been exposed refused to confirm the usage of the firm's GPS trackers.

SC Staff

Close up the triple-lens camera on the iPhone 13 Pro Max Seirra Blue and Graphite Color on white background.

Encryption

E2E encrypted messaging app use urged by CISA

SC StaffDecember 19, 2024

Infiltration of U.S. telecommunications networks by Chinese state-backed threat operation Salt Typhoon has prompted the Cybersecurity and Infrastructure Security Agency to issue a new advisory urging senior government officials and politicians, to leverage end-to-end encrypted messaging apps on their Android and Apple devices, according to The Record, a news site by cybersecurity firm Recorded Future.

Cloud Security

Misconfiguration leaks over 27M FatakPay files

SC StaffDecember 19, 2024

Cybernews reports that Indian fintech firm FatakPay had more than 27 million files with Know Your Customer documents and other sensitive loan application information compromised by an unsecured Amazon AWS S3 bucket.

Top view of black keyboard and handcuffs - cyber crime concept

Data Security

Hacker sentenced to 69 months for stealing payment card info

Shaun NicholsDecember 18, 2024

A 32-year-old was sentenced on criminal hacking charges related to a data-stealing malware operation.

Related Events

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

Thousands of Hapn customer data exposed by website bug

Related

E2E encrypted messaging app use urged by CISA

Misconfiguration leaks over 27M FatakPay files

Hacker sentenced to 69 months for stealing payment card info

Related Events

How CISOs Can Build Privacy-First Strategies for Regulatory Compliance

Unlocking the Power of Public Data: Make Your Security Team Faster and More Effective

Microsoft Copilot: How to Minimize Data Security Risks During Adoption

Get daily email updates