Seen on Twitter: BREAKING: Dutch hospital that just got fined 460.000 euro by Dutch DPA for staff snooping in medical files, is in the news today again: staff used medical files as grocery list. Left them in shopping cart supermarket. Compliance is a cultural issue!https://t.co/LhVELzgL8J #GDPR — Jeroen Terstegge (@PrivaSense) September 7, 2019 A google…
Category: Exposure
UK: Gender identity clinic leaks almost 2,000 patients’ email addresses
Chris Fox reports: The Charing Cross Gender Identity Clinic sent patients an email about an art competition, with hundreds of others CC-ed in. The clinic later tried to recall the message but the error had already been noticed. The Tavistock and Portman NHS Foundation Trust, which is responsible for the clinic, is investigating. Read more…
Monster.com says a third party exposed user data but didn’t tell anyone
Zack Whittaker reports: An exposed web server storing résumés of job seekers — including from recruitment site Monster — has been found online. The server contained résumés and CVs for job applicants spanning 2014 and 2017, many of which included private information like phone numbers and home addresses, but also email addresses and a person’s…
DK-Lok data breach exposes global enterprise client data, internal emails
Charlie Osborne reports: Perhaps, one day, the continual stream of data leaks and cybersecurity breaches stemming from open databases will make organizations sit up, take notice, check their IT infrastructure, and resolve any security problems they find. Today is not that day it seems for DK-Lok, the latest entry in a long list of companies…
Teletext Data Breach Exposes Over 200,000 Customer Phone Call Recordings
Conor Reynolds reports: Package Holiday firm Truly Travels exposed over 200,000 customer phone call recordings and data files on a publicly accessible server. Over 530,000 data files were discovered in an unsecured Amazon Web Services server. Of these files 212,000 were audio files that held recordings of Teletext customers who had contacted the firms India-based…
Privacy Snafu Exposes UK Holidaymakers’ Data for Three Years
Phil Muncaster reports: The personal details of over 200,000 customers of a British holiday firm were left exposed in audio files for several years, according to a new report. Truly Travels, which trades under the name Teletext Holidays, is unusual in that consumers browse its website for package deals before completing their order over the…