Oren Koriat reports: … Recently, Cynerio has detected an interesting new wrinkle in the sale of stolen medical data on the dark web. Our research team found a post from a vendor on the dark web offering the medical records of the deceased. In this dark web listing, the vendor mentions that 60,000 of the stolen…
Month: July 2018
Vodafone information glitch ‘bad privacy breach’
Susan Edmunds reports: A Vodafone mobile customer was shocked to discover he could see a stranger’s personal details when he logged into his account online. Hayden Maskell said, when he logged into My Vodafone twice this week, he could see another customer’s name, account number, phone number, bills and “detailed usage” showing who they had called….
DC health website security breach exposes nurse’s personal info including SSN
Scott Taylor reports: A nurse tells 7 On Your Side and Call For Action she was horrified to discover a government web site exposed her name, address and social security number to others… and could have done the same to 600 other nurses. Nurses just like Alexia Park can log onto the DC Department of…
Update: BP data breach affected 60,000 after malware attack on PageUp job portal
Julie Iles reports that estimates of the PageUp breach impact on BP applicants has increased significantly: BP says a hack of its online recruitment portal has compromised the data of more job applicants than initially suspected. BP has emailed about 60,000 people who applied for jobs in its retail stores since 2008 to notify them they could have…
Identities of thousands of Tennesseans with HIV made vulnerable by government error
Bret Kelman reports: For nine months, the confidential data just sat there, where hundreds of employees could reach it. The identities of thousands of Tennesseans with HIV or AIDS, both living and dead, were listed in a computer database kept on a server accessible to the entire staff of the Nashville Metro Public Health Department. But…
The 111 Million Record Pemiblanc Credential Stuffing List
Troy Hunt reports: ……. I’ve just loaded 111 million email addresses found in a credential stuffing list called “Pemiblanc” into HIBP. I had multiple different supporters of HIBP direct me to this collection of data which resided on a web server in France and looked like this: That site has now been taken down…