On March 22, Simon Cohen reported: Free movie streaming site Kanopy has suffered a significant data leak, according to security researcher Justin Paine. Due to an unprotected web log database, which could be publicly accessed without authentication of any kind, Paine believes that the company has been leaking “roughly 26-40 million log lines per day beginning…
Category: Exposure
A family tracking app was leaking real-time location data
Zack Whittaker reports: A popular family tracking app was leaking the real-time locations of more than 238,000 users for weeks after the developer left a server exposed without a password. The app, Family Locator, built by Australia-based software house React Apps, allows families to track each other in real-time, such as spouses or parents wanting…
Privacy body probes ‘gaps’ in FOI website interface after data leak
ABS-CBN reports: The National Privacy Commission (NPC) is looking into “gaps” in the interface of the government’s Freedom of Information website that may have caused the leak of data on users who requested documents from the website, one of the agency’s commissioners said Saturday. Columnist Wilson Chua earlier said the ID he used on government…
FEMA exposed personal information of 2.3 million disaster victims
Caroline Linton reports: FEMA mistakenly exposed personal information, including addresses and bank account information, of 2.3 million disaster victims, the Department of Homeland Security’s Office of Inspector General said in a report released Friday. The breach occurred because FEMA did not ensure a private contractor only received information it required to perform its official duties, the report said….
Ca: Shredding company denies responsibility for incident involving Grand Villa Casino cards
Aaron Hinks reports an update to an incident that does not appear to have been covered on this blog. So why am I including the update? Well, partly because it sounds like something did happen that left personal information unshredded, but also because it sounds like the earlier reporting may have impugned a firm’s reputation and…
ZOLL notifying 277,319 patients of vendor data exposure incident
ZOLL Medical Corporation, an Asahi Kasei Group Company, develops and markets medical devices and software solutions. A press release on March 18 described an incident that impacted what they describe as “some patients’ personal and medical information.” On January 24, 2019, ZOLL discovered that some email archived by an unnamed third-party service provider had been exposed…