April 1, 2024 at 03:29PM
The OWASP Foundation has reported a data breach involving the exposure of some members’ resumes due to misconfiguration of its old Wiki web server. Tens of thousands of members were affected, with personal information like names, emails, and addresses exposed. OWASP took steps to address the breach and will notify affected individuals.
From the meeting notes, the key takeaways are as follows:
1. The OWASP Foundation has disclosed a data breach where members’ resumes were exposed due to a misconfiguration of its old Wiki web server.
2. The breach impacted only members between 2006 and 2014 who provided resumes as part of the old membership process.
3. Personally identifiable information such as names, email addresses, phone numbers, and physical addresses were exposed.
4. The affected individuals, even those no longer members, will be notified by email.
5. OWASP has taken measures to address the breach by disabling directory browsing, removing resumes from the wiki site, purging the Cloudflare cache, and reaching out to the Web Archive to request removal of the exposed information.
6. Individuals are advised to take precautions if their information is current and to be cautious when receiving unsolicited emails, mail, or phone calls.
Please let me know if you need any further assistance or information.