Hunton Andrews Kurth writes: On April 15, 2019, the Greek Data Protection Authority (“DPA”) fined Hellenic Petroleum S.A. EUR 20,000 for unlawful processing of personal data and EUR 10,000 for failing to adopt appropriate data security measures. Hellenic Petroleum S.A. had engaged a vendor to conduct a study on its behalf. The study was exposed…
Category: Exposure
PA: Millions of rehab records exposed on Steps to Recovery’s unsecured database
Laura Hautala reports: It’s some of the most sensitive medical information a person could have. Records for potentially thousands of patients seeking treatment at several addiction rehabilitation centers were exposed in an unsecured online database, an independent researcher revealed Friday [link corrected by DataBreaches.net]. The records included patients’ names, as well as details of the…
ME: Acadia Hospital mistakenly released confidential information of 300 Suboxone patients
Callie Ferguson reports: A communications official at Northern Light Acadia Hospital in Bangor mistakenly emailed the confidential names of 300 patients with prescriptions for Suboxone, a medication used to treat opioid use disorder, to an editor at the Bangor Daily News last week. In addition to their names, the list also contained the identities of…
Over 100 Million JustDial Users’ Personal Data Found Exposed On the Internet
Remember what I said earlier today about India being a data protection mess? Here’s another example. Mohit Kumar reports: An unprotected database belonging to JustDial, India’s largest local search service, is leaking personally identifiable information of its every customer in real-time who accessed the service via its website, mobile app, or even by calling on…
Update on Meditab breach
On March 19, this blog linked to a TechCrunch report about an improperly secured Meditab fax server that potentially allowed fax images with patient information to be accessed from an analytics portal. The exposure had been found by SpiderSilk, a cybersecurity firm in Dubai, who estimated that 6 million images were potentially accessible. The TechCrunch…
UT fired counselor accused of disclosing student’s PTSD
Sarah Elms reports: A University of Toledo counselor accused of improperly disclosing a student’s personal health information has been fired. University officials on Dec. 18, 2018, notified Mychail Scheramic that his employment would be terminated at close of business March 18. He was hired in 2017 as the university’s counseling center director and was paid…