Chris Bing reports: A website configuration issue affecting itmanagement.com, a property owned by New York City digital publisher Ziff Davis, can be exploited to access a company database full of private user contact information, including names, phone numbers, employment details, email and employer addresses. The database also contains contact information for users registered on other Ziff Davis properties….
Month: February 2017
How to Bury a Major Breach Notification
There are ways to bury a breach disclosure other than waiting until after 3 pm on the Friday of a holiday weekend. Brian Krebs reports: Amid the hustle and bustle of the RSA Security Conference in San Francisco last week, researchers at RSA released a startling report that received very little press coverage relative to its overall…
Wilders’ security officer detained for suspected data leak
Mike Corder of AP reports: A Dutch security official responsible for protecting anti-Islam lawmaker Geert Wilders has been detained on suspicion of leaking classified information, a police spokesman said Wednesday, sparking fears for the safety of the far-right populist lawmaker who for years has lived amid tight security. The extent of the breach and whether…
Guelph settles $1-million lawsuit, gets back personal files
City hall has settled the wrongful dismissal lawsuit launched by former chief building official Bruce Poole and has also recovered personal information about City of Guelph employees that was inadvertently given to Poole’s lawyers. These announcements, made in two separate but related city hall news releases late Tuesday afternoon, conclude a matter that cost deputy…
OH: Taxation employee fired after accessing personal information of family, acquaintances
Randy Ludlow reports: An Ohio Department of Taxation examiner has been fired after an investigation found she improperly accessed the confidential personal and tax information of several relatives and acquaintances. A report released today by the office of Inspector General Randall J. Meyer found that Kelly S. Bolen accessed computerized personal information of several people, and…
Vets lose privacy lawsuit against VA after unencrypted data is stolen from hospital
Patrick O’Neill reports: After multiple thefts and data breaches related to the unencrypted personal information of 7,400 U.S. veterans out of a Veterans Affairs hospital, an appeals court dismissed a lawsuit this month in which patients alleged violations of the Privacy Act and Administrative Procedure Act. The veterans claimed at least seventeen more data breaches have occurred at Wm….