I’m not sure I understand from the notification (reproduced below) how this incident occurred, but Central New York Cardiology is notifying 824 patients after the post office sent them a package of patient records that had been found loose in a mail receptacle. The records were appointment lists from October 2017 that, according to CNYC, should…
Category: Breach Incidents
Australia Zoo Breached
Australia Zoo, home of the croc hunter otherwise known as Steve Irwin is one of Queensland’s leading tourist attractions. It also attracted the attention of a pentester who has provided CyberWarNews with evidence that the main website for the zoo has been compromised. The pentester, a Pakistani penetration tester named Touseef Gul, has previously made…
Deceased Patient Data Being Sold on Dark Web
Oren Koriat reports: … Recently, Cynerio has detected an interesting new wrinkle in the sale of stolen medical data on the dark web. Our research team found a post from a vendor on the dark web offering the medical records of the deceased. In this dark web listing, the vendor mentions that 60,000 of the stolen…
After Strava, Polar is Revealing the Homes of Soldiers and Spies
Foeke Postma reveals the disastrous situation: Polar, a fitness app, is revealing the homes and lives of people exercising in secretive locations, such as intelligence agencies, military bases and airfields, nuclear weapons storage sites, and embassies around the world, a joint investigation of Bellingcat and Dutch journalism platform De Correspondent reveals. In January Nathan Ruser discovered that…
SystmOne software glitch fouls up opt-out, results in NHS improperly sharing 150,000 patients’ info
BBC reports: The NHS is blaming a coding error for 150,000 patients in England being involved in a data breach. Those affected had requested that their confidential health information only be used to help provide them with care. But it appears that there was a problem with the software used by GPs to record objections…
Homeland Security subpoenas Twitter for an independent researcher’s information
Homeland Security has subpoenaed Twitter for the account information of an independent researcher who has been the source of a number of this site’s reports. Is this just another chapter in the war on independent researchers to try to chill speech? Or is there more to the story that we do not yet know? Zack…