Sarah Coble reports: Kentucky’s unemployment system appears to have suffered its second data breach in four months after a claimant reported being able to view another claimant’s personal data. The reporter of the alleged breach logged on to the Office of Unemployment Insurance’s (OUI) online system on July 27 to work on their unemployment application. While trying…
Category: Exposure
Ca: Metrolinx investigating privacy breach after 2K email addresses of fined riders revealed
Nick Westoll reports: Metrolinx, the transit organization that oversees GO Transit and UP Express, officials say they are investigating a privacy breach that saw more than 2,000 email addresses of riders who were fined publicly revealed in a mass email. Read more on Global News.
Robocall Legal Advocate Leaks Customer Data
Brian Krebs reports: A California company that helps telemarketing firms avoid getting sued for violating a federal law that seeks to curb robocalls has leaked the phone numbers, email addresses and passwords of all its customers, as well as the mobile phone numbers and other data on people who have hired lawyers to go after…
UK: Hospital investigating possible confidentiality breach
Emily Roberts reports: Personal details about women who have had a stillbirth appear to have mistakenly been published online by the trust which runs Basingstoke hospital. […] Three reviews were published in two different documents in June and July, providing details including the date and time of the stillbirth, the women’s age and BMI, the…
Leaky S3 buckets have gotten so common that they’re being found by the thousands now, with lots of buried secrets
Shaun Nichols reports: The massive amounts of exposed data on misconfigured AWS S3 storage buckets is a catastrophic network breach just waiting to happen, say experts. The team at Truffle Security says its automated search tools were able to stumble across some 4,000 open Amazon S3 buckets that included data companies would not want public, things like…
Morgan Stanley Hit with Class Lawsuit Over Alleged Data Breaches
Jed Horowitz reports: Former and current Morgan Stanley customers have filed a putative class-action lawsuit alleging negligence and invasion of privacy over the firm’s failure to properly scrub decommissioned hardware of personal information such as social security numbers, account numbers and other personal data. Morgan Stanley earlier this month began notifying brokers and customers that some…