Olivia Powell reports: More than 3.8 billion records have been exposed after digital protection firm DarkBeam left an interface containing the exposed records unprotected. The leak was discovered on September 18 by CEO of cyber security news site SecurityDiscovery, Bob Diachenko, who alerted DarkBeam to the leak. The digital protection firm immediately addressed the vulnerability…
Category: Exposure
Leander ISD sends email about students’ vaccination status to over 200 people
Melia Masumoto reports: Cedar Park Middle School sent out an email to 207 parents earlier this week, requesting updated vaccine records. But without blind coping the email addresses, every address on the email was visible to all the recipients. … The email requested an updated immunization record for those students because they were missing the…
Sweden’s Privacy Protection Agency fines insurer Trygg-Hansa for exposing sensitive customer data
The following press release was issued August 30 by Sweden’s Authority for Privacy Protection (IMY): Trygg-Hansa’s security flaws have meant that information on 650,000 customers has been accessible via the internet. The Privacy Protection Agency (IMY) is now issuing an administrative sanction fee of SEK 35 million against the company. After receiving a tip, IMY began…
Au: Federal government could pay millions in compensation over asylum seeker data breach
Ben Doherty reports: The Australian government may be liable for tens of millions of dollars in compensation to asylum seekers after it posted their personal details online while they were in immigration detention. The mass data breach, discovered by Guardian Australia in 2014, resulted in information being used, in some cases, to allegedly threaten asylum seekers, or…
Brazil’s government convicted for data leak exposed by The Brazilian Report
Amanda Audi reports: Federal government agencies were convicted for leaking data of beneficiaries of Auxilio Brasil, a flagship federal aid program now renamed as Bolsa Familia, to financial agencies offering payroll deduction loans to low-income Brazilians. Prior to elections last year, the administration of former President Jair Bolsonaro launched a program allowing people enrolled in…
Maker of ‘smart’ chastity cage left users’ emails, passwords, and locations exposed
Lorenzo Franceschi-Bicchierai reports on yet another incident in which responsible disclosure by a researcher and follow-up by media failed to get a company to address vulnerabilities that left the personal information of customers exposed: A company that makes a chastity device for people with a penis that can be controlled by a partner over the…