Exposure – Page 168 – DataBreaches.Net

MO: Burrell Behavioral Health notified more than 67,000 patients whose ePHI were exposed by business associate

Posted on March 30, 2019 by Dissent

On March 29, Burrell Behavioral Health published a news release about an unnamed business associate accidentally exposing ePHI of more than 67,000 patients back in August, 2018. Burrell’s notification, reproduced below, does not indicate when the problem was first detected nor how they learned of it, but it was they who notified their business associate…

New Shodan Tool Warns Organizations of Their Internet-Exposed Devices

Posted on March 29, 2019 by Dissent

Kelly Jackson Higgins reports: Famed Internet search engine Shodan this week rolled out a service that helps solve the underlying problem its tool exposes: The new Shodan Monitor alerts organizations about their devices left exposed on the public Internet. […] Matherly says setting up Shodan Monitor – which is free to all paying Shodan members – takes…

Rela, a Chinese lesbian dating app, exposed 5 million user profiles

Posted on March 28, 2019 by Dissent

Zack Whittaker reports: Rela (热拉), a popular dating app for gay and queer women, has exposed millions of user profiles and private data because a server wasn’t protected with a password. Rela disappeared from app stores in May 2017 after it was reportedly shut down by Chinese regulators, though the government never confirmed it took…

Voya Financial Advisors exposes more sensitive adviser information on its website

Posted on March 27, 2019 by Dissent

Less than six months after Voya made headlines by agreeing to pay $1 million to settle SEC charges stemming from a 2016 breach, they have been back in the news after two incidents — one embarrassing and one concerning. Bruce Kelly reports: Weeks after a computer glitch risked exposing the Social Security numbers of its…

Hosting Provider Finally Takes Down Spyware Leak of Thousands of Photos and Phone Calls

Posted on March 27, 2019 by Dissent

Lorenzo Franceschi-Bicchierai has an update on a recent story: A company that sells cellphone spyware to consumers left 95,000 images and more than 25,000 audio recordings on a server accessible to anyone on the internet for weeks. The sensitive data was so easy to access, that Motherboard couldn’t even name the spyware company in its…

Butler County employee suspended after emailing spreadsheet with personal information

Posted on March 26, 2019 by Dissent

Denise G. Callahan reports: The Butler County commissioners approved a two-day, unpaid suspension for an employee who inadvertently sent out an email with wellness information regarding the county’s health insurance, which might have violated HIPAA laws. Shawna Smith, the county’s wellness coordinator, sent out an email in September with a spreadsheet that included hidden columns…