Benjamin Bain reports: A whistle-blower is accusing some key financial regulators of allowing sensitive broker information to become readily accessible, even as industry watchdogs emphasized the need for companies to protect client data. According to a complaint lodged with the U.S. Securities and Exchange Commission, personal data such as brokerage account numbers provided to an…
Category: Exposure
“First do no harm” should be “First, secure your patient data, Doctor!”
When they discovered more than 42,000 patient records and millions of patient clinical notes exposed on a misconfigured rsync backup, researchers at UpGuard responsibly set out to notify the entity to secure their data. It turned out to be a Herculean task that would take almost two months and multiple entities to get the job…
MX: Movimiento Ciudadano fined almost $2 million for 2016 voter list data leak
In 2016, I reported on a leak involving a Mexican voter registration database with details on 93.4 million Mexican voters. The list had been in the possession and control of one of the political parties there, Movimiento Ciudadano, who tried to claim that they were hacked by none other than Chris Vickery, who had discovered their…
SAMBA Federal Employee Benefit Association programming error resulted in mismailed information
From their press release: SAMBA Federal Employee Benefit Association (“SAMBA”) recently learned of an incident that may affect information related to eligible family members of subscribers (“family members”) covered by the SAMBA Federal Employees Health Benefits Plan in 2017. “We take this incident, and member privacy, very seriously,” Walter E. Wilson, SAMBA’s Executive Director stated….
Class action suit vs. CenturyLink and DirecTV alleges customer data can be accessed via internet search
Nat Levy reports: A lawsuit against internet provider CenturyLink and AT&T-owned DirecTV alleges the companies fail to adequately protect personal customer data — to the point that it can be found through a simple internet search. The suit was filed Monday in U.S. District Court in Seattle and seeks class action status. The plaintiff, James Jantos,…
360,000 current and former Pennsylvania teachers notified of breach
So that breach in February affecting Pennsylvania teachers affected approximately 360,000 current and former teachers. A 30-minute exposure leads to so much cost and anxiety. Ouch.