The federal cybersecurity agency left plaintext passwords in a spreadsheet uploaded to a public GitHub repository, per a report by independent journalist Brian Krebs.

The tech company that maintains the hotel check-in system set its cloud storage to public, allowing anyone to access customers' data without a password.