Melia Masumoto reports: Cedar Park Middle School sent out an email to 207 parents earlier this week, requesting updated vaccine records. But without blind coping the email addresses, every address on the email was visible to all the recipients. … The email requested an updated immunization record for those students because they were missing the…
Category: Exposure
Sweden’s Privacy Protection Agency fines insurer Trygg-Hansa for exposing sensitive customer data
The following press release was issued August 30 by Sweden’s Authority for Privacy Protection (IMY): Trygg-Hansa’s security flaws have meant that information on 650,000 customers has been accessible via the internet. The Privacy Protection Agency (IMY) is now issuing an administrative sanction fee of SEK 35 million against the company. After receiving a tip, IMY began…
Au: Federal government could pay millions in compensation over asylum seeker data breach
Ben Doherty reports: The Australian government may be liable for tens of millions of dollars in compensation to asylum seekers after it posted their personal details online while they were in immigration detention. The mass data breach, discovered by Guardian Australia in 2014, resulted in information being used, in some cases, to allegedly threaten asylum seekers, or…
Brazil’s government convicted for data leak exposed by The Brazilian Report
Amanda Audi reports: Federal government agencies were convicted for leaking data of beneficiaries of Auxilio Brasil, a flagship federal aid program now renamed as Bolsa Familia, to financial agencies offering payroll deduction loans to low-income Brazilians. Prior to elections last year, the administration of former President Jair Bolsonaro launched a program allowing people enrolled in…
Maker of ‘smart’ chastity cage left users’ emails, passwords, and locations exposed
Lorenzo Franceschi-Bicchierai reports on yet another incident in which responsible disclosure by a researcher and follow-up by media failed to get a company to address vulnerabilities that left the personal information of customers exposed: A company that makes a chastity device for people with a penis that can be controlled by a partner over the…
NL: Security breach at land registry exposes millions of addresses
Dutch News reports: A data breach at the Dutch land registry Kadaster has exposed the addresses of every homeowner in the Netherlands, an investigation by RTL Nieuws has found. The privacy watchdog AP called for the agency to close the loophole immediately after it was discovered by journalists. The Kadaster’s website includes a search facility…