David Hollingworth reports: The Australian Human Rights Commission (AHRC) has revealed that more than 600 submissions and nominations to the commission’s website were accidentally exposed online between April and May 2025. The AHRC became aware of the breach on 10 April, when it discovered that attachments uploaded to its complaint web form between 24 March…
Category: Exposure
Public notice for individuals affected by an information security breach in the Social Services, Health Care and Rescue Services Division of Helsinki
An internal information security breach has been identified in the Social Services, Health Care and Rescue Services Division of the City of Helsinki. The breach concerns client data from certain Family Law Services, which between 2012 and 2019 was stored on the Division’s internal network without adequate access restrictions. No external parties have had access…
Dating app Raw exposed users’ location data and personal information
Zack Whittaker reports: A security lapse at dating app Raw publicly exposed the personal data and private location data of its users, TechCrunch has found. The exposed data included users’ display names, dates of birth, dating and sexual preferences associated with the Raw app, as well as users’ location. Some of the location data included…
No need to hack when it’s leaking (CORRECTED)
Please note the correction at the bottom of this post. Researcher Jeremiah Fowler recently discovered an unsecured database with protected health information (PHI) that appeared to be linked to Atrium Health in North Carolina. As reported at WebsitePlanet, there were 21,344 records with a total size of 6.99 GB. The database appeared to be an…
Psychiatric documents with sensitive patient info found ‘loosely blown about’ near Regina medical clinic
Brandon Harder reports: The private records of patients at the Elphinstone Medical Clinic were just laying loose on the ground in a nearby alley and an empty lot. According to a report from Saskatchewan’s Information and Privacy Commissioner (SIPC), a person referred to as “Individual A” saw a Facebook post on Oct. 27, 2024 that referenced patient…
No need to hack when it’s leaking: SavantCare edition
Today’s concerning leak is brought to you by SavantCare. The leak was discovered by an independent researcher who first reported it on his blog yesterday. In his report, @JayeLTee states that he found exposed data that included data from SavantCare employee chats. “Over two-thirds of the 308 users on the chat were for SavantCare, a…