Heather Landi reports: Browser extensions, also known as add-ons or plug-ins, are commonly used by desktop Web surfers to do things ranging from blocking ads to remembering passwords to checking grammar. According to an independent security researcher, some extensions have been leaking and exposing browsing activity data, including patient names and health information from healthcare…
Category: Exposure
QuickBit Confirms Details of More Than 300,000 Customers Were Exposed
Neil Dennis reports: QuickBit, a cryptocurrency exchange listed in Sweden, confirmed on Monday reports of a security breach that left many of its customer records exposed. Reporting for Comparitech, tech writer Paul Bischoff claimed that a database containing more than 300,000 customer records was left open so “anyone online could view its contents”. Read more…
All clear? Server exposure from Illinois vendor with access to driver’s license data raises questions
Tina Sfondeles reports: A computer server of a vendor with city and state contracts to sell Illinois license plate stickers and Chicago vehicle stickers at currency exchanges was exposed to the Internet in May — although city and state officials insist there was no security breach. But that’s not enough for one Cook County watchdog,…
Nando’s is investigating a ‘potential online breach’, but so far has not found any leaks
James de Villiers reports: Nando’s South Africa has denied that it shut down its Firestarters survey platform after a customer raised concerns that his personal contact details were on display for others to see. In a screenshot of a WhatsApp conversation posted on Monday evening, Twitter user Jarn Athern (@JonWithTheFace) detailed how he was contacted…
UK: Estate agency fined £80,000 after accidentally exposing personal info online for two years
The Information Commissioner’s Office issued the following press release involving a monetary penalty related to an unintended exposure incident and a misconfiguration. Imagine if every such leak here resulted in the FTC or a state attorney general fining the entity….. The Information Commissioner’s Office (ICO) has fined a London estate agency £80,000 for leaving 18,610…
Independent Age data breach merits no regulator action
Stephen White reports: Confidential data of employees at older people’s charity, Independent Age, have been accidentally exposed to a former worker. The blunder occurred as the company responded to the ex-staff member’s submission of a DSAR (data subject access request). Independent Age says that the security breach compromised personal data, including bank information, sort codes, account…