Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home Incidents

OWASP Foundation Data Breach

April 2, 2024
Reading Time: 2 mins read
in Incidents
OWASP Foundation Data Breach

OWASP, the Open Worldwide Application Security Project Foundation, has revealed a data breach stemming from a misconfiguration of its old Wiki web server. This breach exposed the resumes of certain members, spanning from 2006 to 2014, leading to the exposure of personally identifiable information such as names, contact details, and physical addresses. Although OWASP has taken steps to address the breach, including disabling directory browsing and removing resumes from the wiki site, affected individuals are advised to remain vigilant.

The incident, discovered in late February following support requests, primarily affected members who joined OWASP between 2006 and 2014 and submitted resumes as part of the membership process. OWASP’s Executive Director, Andrew van der Stock, acknowledged the exposure of personal information and clarified that the foundation no longer collects resumes during the membership process. While OWASP will notify affected individuals via email, many of them are no longer members, and the exposed information may be outdated.

In response to the breach, OWASP has implemented various measures to mitigate further access, including reviewing web server configurations, purging the Cloudflare cache, and requesting the removal of exposed resume information from the Web Archive. Van der Stock emphasized that OWASP has already removed affected information from the internet and advised individuals to exercise caution if their personal information is still current. Despite these efforts, the breach underscores the importance of robust security measures and ongoing vigilance to safeguard against data breaches and privacy risks.

Reference:
  • OWASP Foundation Reveals Wiki Misconfiguration Breach

Tags: April 2024cyber incidentsCyber Incidents 2024Cyber RiskCyber threatCyberattacksOWASPWiki web server
ADVERTISEMENT

Related Posts

InfoJobs Spain Hit By Credential Stuffing

InfoJobs Spain Hit By Credential Stuffing

June 6, 2025
InfoJobs Spain Hit By Credential Stuffing

Hack Attempt Hits German Police Phone System

June 6, 2025
InfoJobs Spain Hit By Credential Stuffing

German Dog Rescue IG Hacked For Ransom

June 6, 2025
Nervos Bridge Paused After $3.9 Million Hack

Ukraine GUR Claims Tupolev Data Theft Hack

June 5, 2025
Nervos Bridge Paused After $3.9 Million Hack

KiranaPro Startup Hacked All Data Wiped

June 5, 2025
Nervos Bridge Paused After $3.9 Million Hack

Nervos Bridge Paused After $3.9 Million Hack

June 5, 2025

Latest Alerts

AMOS Stealer Hits macOS Via Fake CAPTCHA

Chrome Extensions Leak Data And API Keys

BADBOX Turns 1M+ IoT Devices Into Proxies

FBI Warns Hedera NFT Airdrop Crypto Scam

New Chaos RAT Variant Hits Windows and Linux

UNC6040 Vishing Group Target Salesforce Data

Subscribe to our newsletter

    Latest Incidents

    German Dog Rescue IG Hacked For Ransom

    Hack Attempt Hits German Police Phone System

    InfoJobs Spain Hit By Credential Stuffing

    KiranaPro Startup Hacked All Data Wiped

    Nervos Bridge Paused After $3.9 Million Hack

    Ukraine GUR Claims Tupolev Data Theft Hack

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial