Carly Page reports: Energy giant Npower has admitted that a security screw-up saw the personal details of some 5,000 customers shared via post. While there doesn’t appear to be a warning on the company’s website or social media channels, the BBC reports that Npower is “urgently investigating” the incident, which saw customers’ details shared in…
Category: Exposure
Cloud data management firm Veeam exposes 200GB of data on AWS instance
Duncan Riley reports: Cloud data management company Veeam Software Inc. is the latest of many companies to expose customer data via a misconfigured cloud instance, with 200 gigabytes of data relating to more than 440 million customer records found online. Detailed by security researcher Bob Diachenko, the leak of the data was discovered on a MongoDB database…
AZ: Files containing patient info left unsecured at TMC HealthCare property
Gloria Knott reports: More than a thousand paper files containing patient information were left unsecured during a 2-week time frame at a storage suite on TMC HealthCare property in July, a news release from TMC HealthCare says. TMC HealthCare is the umbrella organization that includes Tucson Medical Center and other offices. This particular incident did…
For 2nd Time in 3 Years, Mobile Spyware Maker mSpy Leaks Millions of Sensitive Records
Brian Krebs reports: mSpy, the makers of a software-as-a-service product that claims to help more than a million paying customers spy on the mobile devices of their kids and partners, has leaked millions of sensitive records online, including passwords, call logs, text messages, contacts, notes and location data secretly collected from phones running the stealthy…
Personal info for 2,000 DC students mistakenly posted online
Fox5 reports: The personal information for 2,000 homeless D.C. students was mistakenly published online and accessible for six months, school officials said. According to D.C. Public Schools, the accidental disclosure took place after a spreadsheet with the students’ information was provided to the D.C. Council. The spreadsheet was then posted on the council’s website. The information included…
Government transparency site revealed Social Security numbers, other personal info
Tal Kopan reports: A federal government transparency website made public dozens, if not hundreds, of Social Security numbers and other personal information in a design error during a system upgrade. The error, on a Freedom of Information Act request portal, was fixed after CNN alerted the government to the situation. For weeks prior, however, individuals’…