Joshua Chan reports: Dozens of students were shocked to learn that they were suspended from SF State last week when an email appearing to be from California State University’s chancellor gave them the bad news. But when they clicked on a link in the email, the truth was revealed — they had just been hacked….
Month: December 2018
IE: Health body apologizes for email gaffe exposing email addresses of 200 job applicants
A statutory health body has apologised for a data breach in which the email addresses of unsuccessful applicants to a job were mistakenly shared. In an email informing individuals that their application had been unsuccessful, the email addresses of about 200 other applicants were shared. The email, seen by TheJournal.ie, was sent by the Pre-Hospital Emergency…
MN: Wright County finally notifying residents of data breach due to employee transferring data to his home computer
Courtney Godfrey reports: Taking work home with you sounds like something a hardworking employee would do, unless that work includes private, sensitive data like it did with one employee in Wright County. The county knew about the data breach for seven months before notifying possible victims. It wasn’t until FOX 9 filed a public records…
Popular avatar app Boomoji exposed millions of users’ contact lists and location data
Zack Whittaker reports: Popular animated avatar creator app Boomoji, with more than five million users across the world, exposed the personal data of its entire user base after it failed to put passwords on two of its internet-facing databases. The China-based app developer left the ElasticSearch databases online without passwords — a U.S.-based database for its international…
Contra Costa Health Plan notifying patients after discovering contractor had used falsified identity to get contract
It seems Contra Costa Health Plan discovered that a contractor that they had hired and who had access to EHR beginning on December 1, 2014 had used a falsified identity to get the contractor position. The position involved access to EHR as part of the contractor’s functions relating to utilization management. In a letter to…
AU: Thousands affected in ActewAGL and Icon Water mail-out privacy breach
Jasper Lindell reports: ActewAGL has confirmed 400 electricity, gas and water customers have received bundles of bills addressed to other utility customers in a massive privacy breach affecting 6000 customers in the ACT and NSW. ActewAGL notified the Privacy Commissioner of the breach after it became aware of the mistake on Wednesday and had set up…