UK: York council alerted that people’s personal info from council phone app was accessible to others

From YorkMix:

Hackers have obtained personal data belonging to users of York council’s environmental app, it has emerged this weekend.

City of York Council has contacted police and has permanently taken down its One Planet York app, following the data breach.

The app supported the council’s broader One Planet York programme, which seeks to reduce waste and improve the city’s environmental performance, but hackers contacted the council on November 1 to tell staff they had accessed users’ data.

Read more on York Mix. It’s not clear to me why the people who contacted the council to alert them are even being described by the news site as “hackers” without making clear that they appeared to be white hats or researchers. The report also says:

On 1 November 2018, a third party contacted the council and told us they had found a way to access personal data of those people who use the One Planet York app.

PowerSchool commits to strengthened breach measures following engagement with the Privacy Commissioner of Canada
Hungarian police arrest suspect in cyberattacks on independent media
British institutions to be banned from paying ransoms to Russian hackers
Data breach feared after cyberattack on AMEOS hospitals in Germany
Inquiry launched after identities of SAS soldiers leaked in fresh data breach
Bitcoin holds steady as hackers drain over $40 million from CoinCDX, India's top exchange

Related: