Or Kashti reports: Sensitive personal information about students, including psychological diagnoses and school evaluations, is being stored at an unsupervised location in a corridor of an Education Ministry building in Jerusalem. Any visitor who gets through the building’s initial security inspection, if he were so inclined, could look through the documents and even take them….
Category: Breach Incidents
(follow-up) Leak of Atlanta firefighter data due to filesharing
Some additional information on a leak involving personal information on some Atlanta firefighters suggests that the files wound up on the Internet due to a filesharing program. As interesting, some city officials first found out about the leak during a security workshop where a presenter used the data as an example of what you can…
(follow-up) District Data Breach Leads to Prison Time
Dian Schaffhauser reports: A Washington State man has been sentenced to 10 years in prison after pleading guilty to 31 counts of criminal activity, most related to a school district data breach. Christopher Berge, now 21, was a student at Mountain View High School in Evergreen Public Schools when he “shoulder surfed”–physically observed–a password used…
NY: Cops: Medical records clerk stole patients’ identities
Christen Gowan reports: A medical records clerk from St. Peter’s Hospital was arrested on charges of stealing patients’ personal information and using it to open credit card accounts, police said, and more unknowing victims could be out there. Albany County Sheriff’s deputies arrested Johnathan Harwood, 23, of Van Buren Avenue, on Monday for opening credit…
Credit applications found near store Dumpster
Lisa Beisel reports: Reginald Faust of Annapolis was walking with his wife when he noticed a piece of paper – a credit application for the Room Store, he later realized – on the ground near a Dumpster in the shopping center across from the mall on Jennifer Road. He was one of several walkers in…
Atlassian hacked (update 1)
From the Atlassian company blog: Around 9pm U.S. PST Sunday evening, Atlassian detected a security breach on one of our internal systems. The breach potentially exposed passwords for customers who purchased Atlassian products before July 2008. During July 2008, we migrated our customer database into Atlassian Crowd, our identity management product, and all customer passwords…