BBC reports: B&Q says it has taken action after being told that it exposed details of suspected store thieves to the net without password protection. The matter was brought to light by a security researcher last week. He said the DIY chain had taken the data offline, but was unable to get a response from…
Category: Exposure
MY: Over 1 Million UiTM Students and Alumni Personal Details Leaked Online
Vijandren reports: A total of 1,164,540 records, belonging to students who enrolled for various courses at Universiti Teknologi Mara (UiTM) between 2000 and 2018 has been breached and leaked online. The leaked data includes detailed records of students from the UiTM main campus in Shah Alam, as well as it’s 13 autonomous state campuses around the…
UK: Theology lecturer breaches confidentiality in mass email
Melissa Tutesigensi reports: A private email containing sensitive information about a student was sent to all Theology undergraduates this morning. The discussion about a student’s mental health and attendance was accidentally forwarded to several hundred students. The student was explicitly named in the email and specific details about their university life were highlighted. In the…
Millions of bank loan and mortgage documents have leaked online (UPDATED)
Update: One day later, the story of the OpticsML breach got much worse when Bob Diachenko found a second exposure involving the vendor. Read about it here. Original post: Zack Whittaker reports on a leak discovered by Bob Diachenko of Security Discovery: A trove of more than 24 million financial and banking documents, representing tens…
Why doesn’t Twitter have a way to notify them of leaks or concerns outside of a bug bounty program?
L33tdawg writes: Twitter has owned up to a privacy goof that exposed some Android users’ private tweets. That would be bad enough if the problem existed for an hour, or a day, or a month. But unfortunately for Twitter (and affected users) the problem was present from November 3 2014 until January 14 2019. That’s…
Privacy breach hits 45,000 recipients of Ontario’s disability support program
Kristin Rushowy reports: Ontario’s social services minister has apologized after the Mississauga disability support program office mistakenly emailed the private information of 45,000 people to 100 recipients. “On December 20th, due to a clerical error, the Mississauga ODSP office unintentionally shared some individuals’ information over email,” said Lisa MacLeod in a statement. [..] The December…