Tina Sfondeles reports: A computer server of a vendor with city and state contracts to sell Illinois license plate stickers and Chicago vehicle stickers at currency exchanges was exposed to the Internet in May — although city and state officials insist there was no security breach. But that’s not enough for one Cook County watchdog,…
Category: Exposure
Nando’s is investigating a ‘potential online breach’, but so far has not found any leaks
James de Villiers reports: Nando’s South Africa has denied that it shut down its Firestarters survey platform after a customer raised concerns that his personal contact details were on display for others to see. In a screenshot of a WhatsApp conversation posted on Monday evening, Twitter user Jarn Athern (@JonWithTheFace) detailed how he was contacted…
UK: Estate agency fined £80,000 after accidentally exposing personal info online for two years
The Information Commissioner’s Office issued the following press release involving a monetary penalty related to an unintended exposure incident and a misconfiguration. Imagine if every such leak here resulted in the FTC or a state attorney general fining the entity….. The Information Commissioner’s Office (ICO) has fined a London estate agency £80,000 for leaving 18,610…
Independent Age data breach merits no regulator action
Stephen White reports: Confidential data of employees at older people’s charity, Independent Age, have been accidentally exposed to a former worker. The blunder occurred as the company responded to the ex-staff member’s submission of a DSAR (data subject access request). Independent Age says that the security breach compromised personal data, including bank information, sort codes, account…
Personal Data (Incl. SMS & Calls) of Mobile Loan App Users in China Left OPEN for ALL to See
Jim Wilson of Safety Detectives reports on some of their team’s recent findings: Safety Detectives’ research team has recently discovered a sizeable data leak (over 899gb and growing by the day) of a China-based server, which has now been closed. We are unable to confirm the company behind the leak, but according to the data,…
HIPAA nightmare: An IT vendor’s error left more than 300,000 files with protected health information exposed
Medico, Inc.’s IT vendor’s error left at least two Amazon buckets unsecured More than 300,000 files contained protected health information related to patient billing, complete with insurance information and treatment codes Leaks were independently discovered by at least three researchers using different search methods It’s been a rough few months in terms of business associates…