New, by me: A popular Canadian money transfer app exposed thousands of driver's licenses and passports to the open web. Anyone with a link was able to view the data in their browser.
The data goes back to September 2020, and was updating daily until the server was secured this week.
“All protections are in place,” Martinez said. “We are notifying the appropriate parties. We have not contracted any services from you.”
That is the most thinly veiled attempt at downplaying the impact of a breach towards a newspaper I've ever seen
" This data exposure comes as apps and websites are increasingly requiring their users to upload their government-issued documents to verify who they say they are but without taking enough steps to secure the data that they collect"
Only 2 weeks ago a major online seller locked my account (my bank couldn't find out why) and demanded I upload my government ID Plus a my bank card/credit card to verify my purchase . I phoned and demanded to know why, they had no explanation, only "if that's on the webpage you must follow the directions".
Itold them they were crazy if they thought I would do anything that foolhardy and reckless. They can stuff my pricy order in their computer trash bin.
René Mayrhofer 
🇺🇦
Zack Whittaker
Violet/Multi
❄️SnowyIn🇨🇦❄️