Forbes Accidentally Exposed "30 Under 30" Winners' Private Info, Honoree Finds

by
martyb
from SoylentNews on (#5SXR6)

upstart writes:

Forbes accidentally exposed '30 Under 30' winners' private info, honoree finds:

The publication behind the annual 30 Under 30 list, which Forbes calls "the definitive list of young people changing the world," is itself receiving notoriety after one of its awardees discovered the site exposed a decade's worth of private data. Jane Manchun Wong, a 2022 30 Under 30 honoree and security researcher recognized for (among other things) her ability to undercover hidden features in apps, said that the Forbes list exposed the emails and birthdates of all awardees - both past and present.

"I discovered a personal data exposure in Forbes 30 Under 30 Directory while looking for my entry, including ~4000 emails and ~7000 birthdates of the honorees over the past 10 years," she wrote on Friday.

Jane discovered - and reported - the leak to Forbes on December 2. She did not receive a direct response.

[...] Forbes was alerted that there was some information rendered deep in the JavaScript," replied a spokesperson. "When we were notified, we took immediate action and quickly corrected the problem. To the best of our knowledge, the data was not accessed by anyone else."

[Personal disclosure: I have an acquaintance who was on a prior year's list; I've sent them notice about the leak. --martyb]

Original Submission

Read more of this story at SoylentNews.

External Content
Source RSS or Atom Feed
Feed Location https://soylentnews.org/index.rss
Feed Title SoylentNews
Feed Link https://soylentnews.org/
Feed Copyright Copyright 2014, SoylentNews
Reply 0 comments