Patrick Gray writes: The entire user database of Groupon’s Indian subsidiary Sosasta.com was accidentally published to the Internet and indexed by Google. The database includes the e-mail addresses and clear-text passwords of the site’s 300,000 users. It was discovered by Australian security consultant Daniel Grzelak as he searched for publicly accessible databases containing e-mail address…
Author: Dissent
Man’s ‘horror’ at NHS web privacy leak
Rhianne Pope reports: A jobseeker has said he is “horrified” after logging on to an NHS job site and seeing other people’s data. The 62-year-old from Bicester, who wished to remain anonymous, said he visited Jobs.nhs.uk to look for a new maintenance job. But after registering his name on the site last Monday, he realised…
Human Errors Fuel Hacking as Test Shows Nothing Prevents Idiocy
Cliff Edwards, Olga Kharif and Michael Riley report: The U.S. Department of Homeland Security ran a test this year to see how hard it was for hackers to corrupt workers and gain access to computer systems. Not very, it turned out. Staff secretly dropped computer discs and USB thumb drives in the parking lots of…
In: Leaking health information may land you in prison
PTI reports: Leaking information on the health of an individual may earn a term in prison for six months and also a fine up to Rs one lakh. According to the new Privacy Bill, 2011, which is slated to be tabled in Parliament during the forthcoming session, any health information of any citizen of India…
LulzSec Says Goodbye with New Data Dump
Ian Paul reports on the farewell message and data dump posted by LulzSec last night: … By far, the largest data trove is a compressed file containing nearly 600MB of internal AT&T data. The group also obtained what it says are a technical note from AOL; user names and passwords for employees of the investigative…
A breach that crosses the line?
Over on Massachusetts Data Privacy Law Blog, John H. Lacey writes: The pinheads over at LulzSec have crossed a major line. They hacked into the Arizona Department of Public Safety and published the names, addresses and other personal information of police officers (including their wives’ names and email addresses). They also published a lot of privileged…