An investigation has found the University of Sydney failed in its obligations by not securing students’ private details on its website. A section of the university’s website was shut down in January after it was found sensitive information could be obtained by entering a student’s identification number. No password was required to access the name…
Author: Dissent
(update) Laptops stolen from a contractor’s van had a slew of sensitive student data
Remember the Illinois State Board of Education laptops stolen from a Harrisburg Project van recently? I was reading more about the incident and noticed that there was even more sensitive data on the laptops than originally indicated in media coverage: The staff data stored on the computers included name, demographics, Social Security number, teacher certification…
Texas Official Must Talk About Data Leaks
David Lee reports: A state judge ordered the Texas Comptroller of Public Accounts to comply with a request for a deposition on the leak of personal information of more than 3.5 million people. Comptroller Susan Combs disclosed in April that the personal information of 3.5 million state employees and former employees had been stored on…
Groupon leaks entire Indian user database
Patrick Gray writes: The entire user database of Groupon’s Indian subsidiary Sosasta.com was accidentally published to the Internet and indexed by Google. The database includes the e-mail addresses and clear-text passwords of the site’s 300,000 users. It was discovered by Australian security consultant Daniel Grzelak as he searched for publicly accessible databases containing e-mail address…
Man’s ‘horror’ at NHS web privacy leak
Rhianne Pope reports: A jobseeker has said he is “horrified” after logging on to an NHS job site and seeing other people’s data. The 62-year-old from Bicester, who wished to remain anonymous, said he visited Jobs.nhs.uk to look for a new maintenance job. But after registering his name on the site last Monday, he realised…
Human Errors Fuel Hacking as Test Shows Nothing Prevents Idiocy
Cliff Edwards, Olga Kharif and Michael Riley report: The U.S. Department of Homeland Security ran a test this year to see how hard it was for hackers to corrupt workers and gain access to computer systems. Not very, it turned out. Staff secretly dropped computer discs and USB thumb drives in the parking lots of…