Darryl Burke wrote: Sweet Chat, an Android based chatting and photo sharing application with over 10 million users, has been exposing its users chat content, and photos on an unsecured server. By using common MQTT related tools anyone can view real-time, the chats and private photos of all online Sweet Chat users. Review of the…
Category: Breach Incidents
Do your office staff and answering service know how to respond to a notification?
Over the years, there have been numerous occasions when I’ve called a doctor’s office or service to alert them to a data leak or HIPAA breach. In some cases, I’ve reached office staff. In other cases, it may be an answering service. All too often, however, most of the people who have taken my calls…
Delta Airlines sues [24]7.ai over 2017 data breach
Those with good memories may recall that in April, 2018, we learned that hundreds of thousands of customers of Delta Airlines, Sears, Kmart, and BestBuy were impacted by a breach involving [24]7.ai – a California headquartered service that provides online customer chat for their clients’ web sites. The breach occurred between September 26 and October…
Two more leaks expose Indian citizens’ personal and medical information
This week, DataBreaches.net learned that a civil court in Bengaluru had issued a preliminary junction prohibiting this site from publishing anything about a data security incident involving 1to1Help.net. This site received notice of the injunction five days after the article appeared. At the same time, I learned that 1to1Help.net had filed a criminal complaint against…
New Hampshire Governor Signs Insurance Data Security Law
Hunton Andrews Kurth writes: On August 2, 2019, New Hampshire Governor Chris Sununu signed into law SB 194 (the “Bill”), which requires insurers licensed in the state (“licensees”) to put in place data security programs and report cybersecurity events. Although the Bill takes effect January 1, 2020, licensees have one year from the effective date…
Amarin Pharma notifies patients of data leak discovered by vpnMentor
On June 20, vpnMentor reported on a leak they discovered involving data from patients interested in Vascepa. Reading their report, it seemed that they could see that Vascepa figured prominently in the data but they do not mention whether they ever contacted Vascepa’s manufacturer, Amarin Pharma — or if not, why not. On August 5,…