Connor Lynch reports: The Belfast Trust is currently investigating a data breach at a mental health unit after pictures were taken of patients’ details through the window of an office. The incident took place at the Rathlin Outpatients ward of the Knockbracken Health Centre when someone entered the grounds and took pictures through an open…
Category: Exposure
4.6 Million Voter and Election Documents Exposed Online by Technology Contractor
VpnMentor reports that researcher Jeremiah Fowler discovered 13 non-password-protected databases that contained 4.6 million documents, including voter records, ballots, multiple lists, and election-related records. Through his research, Fowler found that the data was owned by Platinum Technology Resource/Platinum Elections Services. Once I was reasonably sure who managed the database, I sent a responsible disclosure notice…
Turning the tables: two gangs’ opsec fails exposed data; good guys deleted it
Yesterday’s Risky Biz News reported that threat intel firm DarkAtlas says it gained access to one of the Rclone data exfil servers used by the Medusa ransomware group. How many times have researchers uncovered exposed data and warned that threat actors might be able to acquire, manipulate, or delete data? In today’s post, we read…
UAB study postcard discloses patient information
Haven’t seen a postcard health data breach in a while, but here we are. WBRC in Birmingham Alabama reports The UAB School of Nursing has informed 1,655 patients this week of an incident in which a study recruitment postcard sent to the patients inadvertently shared protected health information (PHI). According to a press release from…
In: KEM staffers make paper plates out of patient reports; notice issued
Read the following story seen on Business Standard and then tell me what word you would use to describe your reaction. The administration of King Edward Memorial (KEM) Hospital, a civic-run facility, has issued show-cause notices to six staff members following the circulation of a video showing paper plates made from folders of patients’ reports….
Sensitive Toledo Police Department documents found in trash
Here’s a reminder that not all breaches are cyber breaches. We still read about entities that just toss files with sensitive information in the trash. Alexis Means recently reported on a police department that is allegedly a repeat offender that way: the Toledo Police Department in Ohio. Toledo Police have launched an investigation into who…