Adoption Agency Data Exposure Revealed Information About Children and Parents
Fowler scrambled to identify the owner of the database, which he concluded was the largely Texas-based nonprofit Gladney Center for Adoption. He then worked to notify the organization about the exposed data on June 25 but received no reply. He attempted notification again on June 26, and within a few hours the database was silently secured—hopefully before anyone else was able to access it.
Misconfigured databases are common online, even after years of effort to raise awareness about the issue, making information accessible to whoever comes across it. Fowler was particularly alarmed to see adoption-related data, though, because the trove included details like the identities of some children's biological parents, data on individuals' medical and mental health status, information about interactions with Child Protective Services, and even records referencing court orders. The database also included more typical personally identifying information like names, addresses, phone numbers, email addresses, and unique identifiers assigned to children's cases. Fowler was ultimately able to trace the database to Gladney, because it also contained information about some of the organization's employees.
'This is the first time in all of my research that I've seen adoption data, and it stood out because a lot of these kids are very vulnerable,' Fowler tells WIRED. 'I believe that this data was exposed during the move to a different system, and that it was up for a few days before I found it. So I go to sleep at night hoping I got to it before the bad guys did.'
Fowler says that the data appeared to be from a customer relationship management, or CRM, system that is used to organize client data in businesses and other organizations. The trove contained more than 1.1 million records and was 2.49 GB.
'The Gladney Center for Adoption takes security seriously. We always work with the assistance of external information technology experts to conduct a detailed investigation into any incident. Data integrity and operations are our top priority,' chief operating officer Lisa Schuessler wrote in a statement. 'With any incident, we work with law enforcement and comply with applicable laws and regulations, and in the case of any determination of sensitive information within our possession being impacted, we notify all impacted individuals.'
When asked whether this should be taken as confirmation that Gladney secured the exposed database found by Fowler and is notifying individuals whose data was included, Schuessler referred WIRED to Gladney's initial response. That statement also noted that Gladney is 'constantly taking additional steps to further strengthen and bolster our systems to ensure our networks and the information entrusted to us is secure.'
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Yahoo
8 minutes ago
- Yahoo
From Phishing To 'Quishing': The Sneaky New QR Code Scam Targeting 26 Million Americans
When QR codes first hit the scene, they were a niche tool, employed by factories to track inventory or by museums to offer visitors unique interactive experiences. The pandemic made them more ubiquitous, and they can now be found everywhere from air travel to parking payments. QR codes make our lives easier in a number of ways, but unfortunately, they also seem poised to make it a lot harder. As their popularity has risen, scammers have started to eye them as their next target for exploitation. Don't Miss: 'Scrolling To UBI' — Deloitte's #1 fastest-growing software company allows users to earn money on their phones. You can Accredited Investors: Grab Pre-IPO Shares of the AI Company Powering Hasbro, Sephora & MGM— "As with many technological advances that start with good intentions, QR codes have increasingly become targets for malicious use. Because they are everywhere — from gas pumps and yard signs to television commercials — they're simultaneously useful and dangerous," BlueVoyant Senior Director of Proactive Cybersecurity Services Dustin Brewer told CNBC. Brewer told the network that hackers are using the codes to trick unsuspecting people into visiting malicious websites or giving away sensitive personal information. This type of scam is called "quishing." Quishing appeals to scammers because of how easy it is to execute. There are plenty of free QR code generators online, and all it takes is slapping one on a sticker at a parking meter or slipping a pre-printed letter into your mailbox to get things going. Trending: $100k+ in investable assets? – no cost, no obligation. "The crooks are relying on you being in a hurry and you needing to do something," University of Rochester electrical and computer engineering professor Gaurav Sharma told CNBC. As safeguards have been put into place to crack down on the number of traditional phishing e-mails going around, and as consumers wisen up to old-school text and phone scams, crooks have had to get creative with their tactics. And get creative, they are. NordVPN told CNBC that 73% of Americans scan QR codes without verifying their authenticity. This has led to upwards of 26 million people being directed to malicious sites. Part of the reason quishing scams are so successful is that we aren't yet well-versed in how to recognize them. A report published by the cybersecurity platform KeepNet found that only 36% of quishing scams have been accurately identified and reported."The cat and mouse game of security will continue and that people will figure out solutions and the crooks will either figure out a way around or look at other places where the grass is greener," Sharma told CNBC. Companies are working to fortify QR codes against intrusion, and to educate the public on how to spot potential scams that use the codes, but say there's still a long way to go. "QR codes weren't built with security in mind, they were built to make life easier, which also makes them perfect for scammers," Rob Lee, chief of research and chief of AI at SANS Institute, told CNBC. "We've seen this playbook before with phishing emails; now it just comes with a smiley pixelated square. It's not panic-worthy yet, but it's exactly the kind of low-effort, high-return tactic attackers love to scale." Read Next: Here's what Americans think you need to be considered wealthy. Image: Shutterstock UNLOCKED: 5 NEW TRADES EVERY WEEK. Click now to get top trade ideas daily, plus unlimited access to cutting-edge tools and strategies to gain an edge in the markets. Get the latest stock analysis from Benzinga? APPLE (AAPL): Free Stock Analysis Report TESLA (TSLA): Free Stock Analysis Report This article From Phishing To 'Quishing': The Sneaky New QR Code Scam Targeting 26 Million Americans originally appeared on © 2025 Benzinga does not provide investment advice. All rights reserved. Error in retrieving data Sign in to access your portfolio Error in retrieving data Error in retrieving data Error in retrieving data Error in retrieving data
CBS News
10 minutes ago
- CBS News
Man, 32, charged in fatal shooting at Royal Oak apartment complex
A 32-year-old man is accused of fatally shooting a maintenance worker at an apartment complex in Royal Oak, Michigan, police said Sunday. Officers responded to Thursday's shooting on the 3800 block of Crooks Road around noon. Officials saw the suspected shooter, later identified as Nathaniel Joshua-Olson Rockwell, and took him into custody shortly after arriving, according to police. Responding law enforcement then found that a maintenance worker, identified by police as 65-year-old Gregory Hill of Southfield, Michigan, had been shot. Hill died at the scene. Multiple witnesses told officers that Rockwell was in a heated argument with a resident of the apartment when Rockwell "suddenly ran to his car" and pulled out a handgun, according to police. The resident then ran away, and Rockwell turned his attention to Hill, who was in the vicinity of the argument. Police said in a news release on Sunday that Rockwell is charged with one count of first-degree murder, three counts of felony firearm and two counts of felonious assault with a dangerous weapon. "This was a senseless act of horrific violence," Chief Michael Moore said in the release. "We extend our deepest condolences to the victim's family and loved ones during this incredibly difficult time. Thankfully, due to the swift actions of our officers, the suspect was apprehended quickly before he could harm anyone else." Note: The above video first aired on July 31, 2025.
CBS News
10 minutes ago
- CBS News
Child among 6 hurt, suspect killed by CCL holder in mass shooting at house party in Harvey, Illinois
Seven people were wounded following a mass shooting at a house party Saturday night in Harvey, Illinois. A spokesperson for Harvey said shortly after 8 p.m., officers responded to the 14400 block of Des Plaines Street for a shooting at a house party. Preliminary reports indicated that seven people were shot—including a 4-year-old boy who suffered non-life-threatening injuries, and his condition was stabilized. Four additional people were shot and taken to area hospitals in unknown conditions. Their conditions were also stabilized. According to the spokesperson, two individuals arrived at the scene and opened fire on the gathering. A concealed carry license holder who was at the party returned fire—hitting and killing one of the suspects at the scene. The second suspect was injured and taken to the hospital, and later placed in police custody. The shooting was an isolated incident, with no ongoing threat to the public. Investigation into the shooting remains ongoing. No further information was available.
