Fidus Information Security found more than 752,000 applications for copies of US birth certificates exposed in an Amazon Web Services bucket, TechCrunch reports. The data exposed included the applicant's "name, date-of-birth, current home address, email address, phone number and historical personal information, including past addresses, names of family members, and the reason for the application." The company, whose name hasn't been revealed, didn't respond to TechCrunch and Fidus's notifications. Amazon said it would contact the company, but the data is still accessible to anyone who has the "easy-to-guess web address" of the bucket.
Saudi Arabian telecom company STCS was storing hundreds of thousands of frequently updated GPS locations on a publicly accessible server, Motherboard has found. The server storing date, time, and coordinates of GPS trackers, most of which were located in Saudi Arabia, with some in China and off the coast of West Africa. The database on the server had more than 140,000 entries in just fifteen minutes. Motherboard isn't sure what the locations relate to, so they're not publishing the data. STCS said the server "was used for testing some internal services," and that it's since been secured.
The FTC recommends that parents find out which features are in smart toys before they buy these toys for their children, BleepingComputer says.