Brian Krebs reports: Security weaknesses in the hugely popular file-sharing Web site thepiratebay.org have exposed the user names, e-mail and Internet addresses of more than 4 million Pirate Bay users, according to information obtained by KrebsOnSecurity.com. An Argentinian hacker named Ch Russo said he and two of his associates discovered multiple SQL injection vulnerabilities that…
Category: Breach Incidents
(follow-up) Private info accidentally released
Fran Handy reports that after the Sparta School District in New Jersey erroneously sent out the unredacted version of a spread sheet containing vendors’ SSN and other information — instead of the redacted one that they had prepared in response to an open records request — the District has had some trouble getting the data…
UK: ICO finds three councils in breach of Data Protection Act
The Information Commissioner’s Office (ICO) has taken action against the London Borough of Barnet, West Sussex County Council and Buckinghamshire County Council for breaching the Data Protection Act. A systemic lack of staff training on how to handle personal information has led to the loss of sensitive personal information relating to thousands of children. Sally-anne…
25,000 sign up for state credit protection after data lost
Usually only a very small percentage of those offered free credit monitoring after a breach sign up for it. I was therefore surprised to see almost a third of those affected by one breach in Alaska earlier this year sign up. Pat Forgey reports: More than 25,000 anxious public employees and retirees have signed up…
(follow-up) Former FDIC Employee Fined for Leaking Financial Data
Merikay Wootton, 63, Lenexa, Kan., has been sentenced to 24 months probation and fined $3,600 for disclosing confidential information while she was an employee of the Federal Deposit Insurance Corporation. Wootton pleaded guilty to unlawfully disclosing confidential information from a government agency. In her plea, she admitted she was working as a loan officer for…
Hospital Explains its Breach Decisions
Joseph Goedert reports: Lincoln Medical and Mental Health Center in Bronx, N.Y., recently notified 130,495 patients of a breach of their protected health information after seven CDs a business associate FedEx’d were lost (see story). In a statement to Health Data Management, the hospital, part of NYC Health and Hospitals Corp., explains why the data…