Craig Timberg reports:
Two federal government Web sites that help people find AIDS-related medical services have begun routinely encrypting user data after years in which they let sensitive information — including the real-world locations of site visitors – onto the Internet unprotected.
Until the change, these sites had risked exposing the identities of visitors when they used search boxes to find nearby facilities offering HIV testing, treatment and other services, such as substance abuse and mental health counseling, say security experts. Government smartphone apps associated with one of the Web sites, AIDS.gov, also transmitted the latitude and longitude of users seeking services, after collecting those details from the phones of users.
Read more on Washington Post.