WHEC has the story, brought to them by a consumer who observed employees just tossing records with personal information: Mottshaw says he refuses to give his social security number out because his identity has been stolen before. When he was at the DMV in Henrietta he says he saw employees throw documents in the garbage….
Month: May 2018
T-Mobile bug let anyone see any customer’s account details
Zack Whittaker reports: A bug in T-Mobile’s website let anyone access the personal account details of any customer with just their cell phone number. The flaw, since fixed, could have been exploited by anyone who knew where to look — a little-known T-Mobile subdomain that staff use as a customer care portal to access the…
Humana notifies members after it detects suspicious behavior in its interactive voice response system
Here’s something we don’t see everyday, and it involves Kentucky-based health insurer Humana. Humana’s technology team became suspicious after there were a number of calls to an 800 number of Humana’s that involved their Interactive Voice Response system where the caller was able to authenticate as a member by providing date of birth, zip code, and…
Insurance startup leaks sensitive customer health data
Zack Whittaker reports: A software startup that provides independent insurance brokers with customer management software has exposed highly sensitive information on thousands of insurance policy holders. A vast cache of data was stored on Amazon S3 storage bucket by AgentRun, a Chicago, Ill.-based company founded in 2012 by Andrew Lech, a former independent insurance broker….
D.C. government data breach exposed nurses’ Social Security numbers
Fenit Nirappil reports: The D.C. Department of Health has warned hundreds of nurses that their personal information was inadvertently exposed in the online licensing portal and is offering them one year of credit-monitoring services. A nurse navigating the nursing board’s online portal somehow ended up on a nonpublic portion of a database that included the…
MN: Associates in Psychiatry and Psychology disclose ransomware incident
Associates in Psychiatry and Psychology in Minnesota have notified 6,546 patients and HHS of a ransomware incident that occurred in March. Some time overnight between March 30 and March 31st, the practice’s files were locked up with TripleM ransomware. The ransomware not only locked up the data files, but according to their notification and FAQ…