Passwords for EU General Data Protection Regulation compliance website GDPR.EU were exposed online, Threatpost reports. Researchers discovered a .git folder exposing data, including management settings, WordPress pages associated with the site and passwords. The website’s operator, Proton Technologies AG, “quickly fixed” the issue four days after it was reported. “However, the irony of (an) EU-funded (website) about GDPR having security issues isn’t lost on us,” Pen Test Partners Researchers Vangelis Stykas and Joe Durbin said.
If you want to comment on this post, you need to login.