Ugh. vpnMentor reports: A group of free VPN (virtual private network) apps left their server completely open and accessible, exposing private user data for anyone to see. ….. Each of these VPNs claims that their services are “no-log” VPNs, which means that they don’t record any user activity on their respective apps. However, we found multiple…
Category: Exposure
UK: South East Coast Ambulance employee personal and medical details exposed
Charlie Harman reports: The South East Coast Ambulance Service has experienced a massive data breach and has referred itself to a privacy watchdog. In May, the personal and medical details of all ambulance staff could have been seen by employees outside of senior management. Read more on KentOnline
Providence Health Plan notifies members after documents exposed by business associate coding error
June turned out to be a busy month for breach reports involving health/medical data. My worksheet has more than 50 entries and I’m still adding reports as I find them. Today, I found one from Providence Health Plan in Oregon that I thought I’d mention here as it impacted almost 50,000 plan members, and I…
UK: Second NHS data leak to be fully investigated
The Orcadian reports: Another data breach at NHS Orkney has led to a confidential health board file being inadvertently sent to a member of the local press, in what has been described by the health authority’s new interim chief executive as a “regrettable” error. Michael Dickson, who is set to arrive in Orkney today, Friday,…
Serious data privacy breach at DU admit card 2020 download portal, students’ personal details available
Roshni Chakrabarty reports: Early on Thursday, two Twitter users pointed out the serious data privacy breach problems arising in the DU admit card 2020 download portal, which is part of the official Delhi University website. Anyone with the ‘gateway password’ can download the admit cards of all students in any Delhi University college. Read more…
Misconfigured firewall resulted in LogBox data exposure and conflicting claims
Earlier this week, Jake Bright of TechCrunch reported that security researcher Anurag Sen had found an exposed database belonging to LogBox, a South African medical data app that allows patients to share information with their doctors more easily. According to TechCrunch’s report, the researcher had found an exposed database containing account access tokens for “thousands…