"Internet Society Data Leaked"
The personal information of tens of thousands of members of the Internet Society (ISOC) has been exposed in a data security breach. International non-profit organization ISOC was founded in 1992 with the mission to ensure open internet development by enhancing and supporting internet use for individuals and organizations worldwide. Researchers at Clario discovered the unsecured data on December 8, 2021, in an open and unprotected Microsoft Azure blob repository containing millions of files. Data exposed in the blob included the full names of ISOC members together with their residential addresses, email addresses, gender, login details, and password hash. The information was stored in json files. The researchers reported the incident to ISOC via email on the day of the leak's discovery. ISOC responded by launching an investigation into the leak and securing the data. During the investigation, ISOC attributed the security breach to a misconfiguration error by their management system provider MemberNova. ISOC noted that its investigation had not revealed "any instances of malicious access to member data as a result of this issue." The society said that individuals who were impacted by the incident were notified of the breach before the holidays.