A publicly accessible Elasticsearch database discovered on March 27 exposed various types of personally identifiable information (PII) and medical info of more than 100,000 individuals. Security Discovery's researcher Jeremiah Fowler who discovered the unprotected Elasticsearch database found out after further investigation that the leaked data belonged to SkyMed, a company which provides medical emergency evacuation services for about 30 years. As the researcher says, the Elastic database was "set to open and visible in any browser (publicly accessible) and anyone could edit, download, or even delete data without administrative credentials." The database contained 136,995 records of SkyMed members and included PII data such as full names, addresses, dates of birth, email addresses, phone numbers, with some of the entries also including medical information. Besides finding hundreds of thousands of leaked member records, Fowler also discovered that the company's network might have also been infected at some point in time with an unknown ransomware strain. This was revealed when the researcher found a ransom note entry named "howtogetmydataback" in SkyMed's unsecured ElasticSearch database. While the company did not provide any feedback to the researcher's reports on the exposed database, the good news is that SkyMed did take down the database eventually. "The first data incident notification was sent on March 27th (the same day it was discovered). On April 5th we verified that the database was closed and no longer publicly accessible. No one from SkyMed replied to either message," stated Fowler. BleepingComputer also reached out to SkyMed to ask if breach notifications were sent to the impacted individuals but the company did not provide a response prior to publication. Learn more by visiting OUR FORUM.

Windows 10 May 2019 Update will begin rolling out to the compatible devices in late May 2019. Windows 10 version 1903 is currently only available to Windows Insiders, but the update for Windows 10 is now being blocked from installing on systems with certain configurations. In an updated blog post, Microsoft quietly shared a list of current upgrade blocks for Windows 10 May 2019 Update. At least three sets of devices could be affected during installation due to the blockade. Microsoft says that you cannot upgrade to Windows 10 May 2019 Update if your company is using a USB storage device or SD memory card, but there’s an easy workaround to deal with this problem. Microsoft has advised users to remove any external USB storage devices and/or SD memory cards to start the upgrade installation process. If you have older versions of anti-cheat software that comes bundled with many popular games, you may not be able to install the Windows 10 May 2019 Update. Microsoft discovered a bug where the older versions of anti-cheat software may cause Windows 10 May 2019 Update PCs to experience crashes. Most games have been already updated with a fix for the bug and Microsoft is actively working with affected partners. Microsoft has also blocked the Windows 10 May 2019 Update from installing on devices with any Known Folders or empty folder with that same name is created in your %userprofile% directory when you update. Follow this on OUR FORUM.