Ben Nielsen and Rebecca Puddy report: An online ticketing company has moved quickly to fix a “potential data leak” after a university student claimed the personal details of thousands of people had been revealed. In a statement posted on its website, Get said it had “immediately acted” following reports of a “potential vulnerability” in its…
Category: Exposure
Il: Netanyahu’s Party Exposed Personal Details, Political Affiliation of Millions of Israelis
Hagai Amit reports: Who supports Likud? Anyone could have found that out until Sunday afternoon, using the party’s database, which contained information about four million Israelis that appears in the country’s voter registration rolls. The party blocked access to the website just 20 minutes after Haaretz called on Sunday to inquire why these data were…
Ca: Potential health data breach exposing names, medical conditions discovered by privacy researcher
Francesca Fionda reports: Up on the roof of the Vancouver Public Library, privacy researcher Sarah Jamie Lewis connects a small antenna to her laptop to listen in on what appears to be a major ongoing breach of sensitive health data of patients in the Vancouver area. For months, she says, personal information has been sent…
Undisclosed number of Boy Scouts and their parents had their information exposed by Trails End
Katie Peralta reports: A partner of the Boy Scouts of America inadvertently exposed the personal information of children and their parents last month. What happened: Boy Scouts nationwide sell popcorn to raise funds for activities like camping trips — just like Girl Scouts sell cookies. To facilitate the sales process, Boy Scouts of America uses…
Data breach after lax NZTA security
Phil Pennington reports: The New Zealand Transport Agency (NZTA) has admitted to a technology botch up leaving what was meant to be a highly secure data key wide open. “The transport agency can confirm the Google API was incorrectly left open as part of the Traffic Watcher pre-production set up,” NZTA said in statement. Read…
Alive Hospice’s breach notification required a second breach notification
It occasionally happens that a breach or incident response creates a second incident of its own. That seems to be the case with Alive Hospice, as this newest press release suggests, but does this require second notification to HHS/OCR? My first impression is that it would, but I’m interested to hear what HIPAA lawyers might…