James Cox reports: A Dublin cybersecurity researcher, Aaron Costello, has found that 1.1 million NHS employee records were leaked online because of improper configuration settings in Microsoft Power Pages, a software platform used by over 250 million people a month to build websites. Mr Costello, who works with AppOmni, previously discovered a computer glitch meant the HSE’s…
Category: Exposure
N.J. school accidentally released names of kids who opted out of sex education
Tina Kelley reports: A Cherry Hill resident has asked the U.S. Department of Education to investigate the Cherry Hill School District for releasing the names of dozens of students whose families opted them out of sex education classes. The breach came after an education advocacy group filed public records requests in every district in the state,…
Professional Probation Services leak exposed almost half a million probationers’ personal info
If you say you always do right, then you should do right, right? Ouch. Over on infosec.exchange, @Jayeltee recently wrote: Professional Probation Services ( www.ppsfamily.com ) exposes almost 500,000 US probationers private data publicly, SSNs included, and when I ask them for their intentions regarding disclosure, they go into hiding mode, removing their management and…
No: Administrative fine issued to Grue municipality under GDPR
The Norwegian data protection authority (Datatilsynet) has imposed an administrative fine of NOK 250,000 [USD $22,669.69] on Grue municipality for breach of GDPR requirements. They explain: Personal data that should have been confidential was made available to unauthorised persons in the municipality’s public records. This constitutes a breach of the municipality’s duty to ensure adequate…
Fr: Macron’s bodyguards reveal his location by sharing Strava data
Iain Thomson reports: The French equivalent of the US Secret Service may have been letting their guard down, as an investigation showed they are easily trackable via the fitness app Strava. An investigation by Le Monde has shown that members of the Security Group for the Presidency of the Republic (GSPR) have been openly displaying…
Hackers Disable Internet Archive’s Wayback Machine Once Again
Matt L. Hall reports: Hackers have again created havoc with the Internet Archive and its Wayback Machine, just one day after the site reported it had been restored. While Archive-It and the Internet Archive blog are still up, currently, the rest of IA’s services are seemingly unavailable. That means if you’re an avid user of…