Lindsey O’Donnell reports: A vulnerability in British Airways’ e-ticketing system could enable a bad actor to view passengers’ personal data or change their booking information. A security bug discovered in British Airways’ e-ticketing system has the potential to expose passengers’ data, including their flight booking details and personal information. Read more on Threatpost.
Category: Exposure
Ugh. Amazon buckets with 1.8 million pharmacy-related files and 1.2 million telemarketing recordings about diabetic supplies found unsecured
Copies of fax cover letters from three pharmacies found exposed in an unsecured Amazon s3 bucket Faxes reveal patients’ names, addresses, dates of birth and their medications and doctors’ names Audio recordings in the second unsecured bucket reveals marketers claiming to represent firms that do not appear to exist as they try to get consumers…
SC: Data breach exposes information of more than 800 Charleston Co. employees
Nick Krueger reports: The Charleston County Sheriff’s Office has been notified after more than 800 Charleston County employees were part of a data breach because of an inadvertent email which was sent out by a county Human Resources employee. According to county spokesman Shawn Smetana, that email contained the names, dates of birth, social security…
Leadership for Educational Equity Leaks Out Data of 3.7 Million Members
Bill Toulas reports: According to a report by security researcher Jeremiah Fowler, the Washington-based non-profit organization named “Leadership for Educational Equity” (LEE) has left an unprotected Elasticsearch database that contained a total of 5.2 million documents. Not having set up a password, anyone could access the database, so the researcher repeatedly tried to notify the…
Anger after confidential medical records found dumped in shed
Lewis Clarke reports: Medical records and personal information regarding dozens of patients has been dumped in a shed in Tiverton. The details of patients at the former Post Hill care home include names, photos, eating habits, behaviour details, addresses of next of kin. Currently the site is in development by Barratt Wilson Homes. Read more…
Two more leaks expose Indian citizens’ personal and medical information
This week, DataBreaches.net learned that a civil court in Bengaluru had issued a preliminary junction prohibiting this site from publishing anything about a data security incident involving 1to1Help.net. This site received notice of the injunction five days after the article appeared. At the same time, I learned that 1to1Help.net had filed a criminal complaint against…