Recently, we have found many companies including job agency, a foot-care company, financial institutes and schools leaked
out over at least 12000 personal records via search engine with HKID, personal contact and address and/or full name in Hong Kong. Some even provide username and password for us to login to their Intranet and business applications. The potential impact could be ranging from defacing their web sites, identify theft to carrying out authorized transaction, it is fun, right? ;-)
We have reported some to PCO (www.pcpd.org.hk) but cases cannot be completely rectified.
A short report about them will be provided soon and disclose this darkness. Anyway, I simply enclosed a sample screenshot for you guys from Dr. Kong ;-) They are leaking out at least 30 full job applicant records (of course, they have fixed after our report to PCO).
"People may only know about the bright side of the moon, how about the dark side of it?" - Pink Floyd