Zack Whittaker reports: A security flaw in LabCorp’s website exposed thousands of medical documents, like test results containing sensitive health data. …. This latest security lapse was caused by a vulnerability on a part of LabCorp’s website, understood to host the company’s internal customer relationship management system. Although the system appeared to be protected with a…
Category: Exposure
H&M’s data leak in Germany “in legal examination”
Angela Gonzalez-Rodriguez reports: New York – Fashion retailer H&M (HMb.ST) said on Saturday that data security breaches found at its German unit were unacceptable and it was cooperating with the local data protection supervisory authority in its investigation into the matter. […] In October last year, the ‘Frankfurter Allgemeine Zeitung‘ reported that personal data of…
Identity and Access Misstep: How an Amazon Engineer Exposed Credentials and More
The UpGuard team reports: UpGuard can now disclose that a repository hosted on GitHub with data from an Amazon Web Services engineer containing personal identity documents and system credentials including passwords, AWS key pairs, and private keys has been secured from public access. The data was committed to a public repository on the morning of…
Microsoft discloses security breach of customer support database
Catalin Cimpanu reports on another leak discovery by Bob Diachenko: Microsoft disclosed today a security breach that took place last month in December 2019. In a blog post today, the OS maker said that an internal customer support database that was storing anonymized user analytics was accidentally exposed online without proper protections between December 5…
Security researchers — and journalists — need legislative protection in India for disclosing vulnerabilities
If there is anything positive at all about the legal bullshit 1to1Help,net has perpetrated to cover up their data leak and to deflect blame, it is the support I have received from the Internet Freedom Foundation in India. But before diving into that more, a quick update on 1to1Help’s shameful litigation: After reading the court…
Privacy breach in Corner Brook sent to commissioner’s officer for review, next steps Social Sharing
CBC News reports: An investigation into an information leak on the City of Corner Brook’s website is in the hands of the province’s privacy commissioner. An analyst with the provincial office is looking into the report of the breach, and will help determine what the next steps will be for the city. Read more on…