Ina Steiner reports: In what appears to be a major breach of customer privacy, eBay is exposing customers’ real first and last names, as well as the items they’ve purchased, publicly on Google. While the idea that your real name is exposed in a product review you left for a benign product like clothing or…
Category: Exposure
Glens Falls Hospital workers’ Social Security numbers and flu shot status released in internal email
Michael Goot reports on a breach involving hospital employees’ health information. In this case, the health information relates to a work issue, and Social Security numbers are also involved, but it’s still their health information that caught my eye. The names and Social Security numbers of Glens Falls Hospital employees who had not received flu…
Bittrex ‘Leaks’ User Passports In Support Emails, Says Russian Telegram Channel
William Suberg reports: Bittrex is reportedly leaking users’ passport scans and photographs as KYC emails from customer support contain dire security errors. As reports a Russian-language news channel on Telegram, users who go through the exchange’s manual KYC verification but are rejected receive an email from customer support. Along with the private documents the user…
Sg: oBike reviewing app security after international user data lea
Zhaki Abdullah reports: Bicycle-sharing operator oBike is reviewing the security of its app, following a leak that affected its users’ data in 14 countries worldwide. German broadcaster Bayerischer Rundfunk reported last week that unencrypted oBike user data – names and ride locations, for example – were accessible online. A spokesman for the Singapore-based firm said…
Ashley Madison takes your privacy very seriously…. until they don’t…
Thomas Fox-Brewster reports: Despite the catastrophic 2015 hack that hit the dating site for adulterous folk, people still use Ashley Madison to hook up with others looking for some extramarital action. For those who’ve stuck around, or joined after the breach, decent cybersecurity is a must. Except, according to security researchers, the site has left photos of…
Private data on Gloucestershire hospital patients transferred to America by mistake
Matt Discombe reports: Private patient data held by Gloucestershire hospitals was mistakenly uploaded to a server in the USA due to problems with its new electronic record system. Information on 56 patients held by Gloucestershire Hospitals NHS Foundation Trust had been erroneously copied onto the server in October. The records, which included ‘identifiable sensitive data’…