Bob Diachenko of Kromtech Security reports: One of the top companies that provides cloud-based unified communications has just leaked more than 600GB of sensitive files online. The Kromtech Security Center has discovered not just one but two cloud-based file repositories (AWS S3 buckets with public access) that appear to be connected to the global communication…
Category: Exposure
Yet another breach due to envelope windows?! CVS Caremark exposes patients’ HIV status in mailings
I can almost hear Yogi Berra saying, “It’s deja vu all over again.” Lou Chibbaro Jr. reports: CVS Caremark, a division of the CVS pharmacy and healthcare company, abruptly discontinued a mailing last week to patients in Ohio receiving HIV-related medication from the company after it learned that a reference to “HIV” appeared above the…
UK: Nottinghamshire County Council fined £70,000 for data protection breach
From the Information Commissioner’s Office: A council has been fined £70,000 by the Information Commissioner’s Office (ICO) for leaving vulnerable people’s personal information exposed online for five years. The Data Protection Act requires organisations to take appropriate measures to keep personal data secure, especially when dealing with sensitive information. But Nottinghamshire County Council posted the…
Personal info, Social Security numbers for lacrosse players posted on MLL website
WHEC reports: Major League Lacrosse is investigating a massive data leak that exposed every individual player’s personal information. According to an email the league sent to all players Monday evening — that was in turn sent to News10NBC by a player — a link on one of their website pages mistakenly re-directed browsers to a…
Tax documents with personal info found in East Naples dumpster
WINK News reports: A box with files full of tax-related personal information from dozens of people was found in an open dumpster by U.S. 41. A man, who declined to be identified, made the discovery last month while bicycling near the dumpster at a plaza in East Naples. The files were stuffed with unshreded forms…
Insurer’s mailing to customers made HIV status visible through envelope window
Erin Mershon reports that a mailing error by health insurer Aetna exposed sensitive information: Thousands of people with HIV received mailed letters from Aetna last month that may have disclosed their HIV status on the envelope. The letters, which Aetna said were sent to approximately 12,000 people, were meant to relay a change in pharmacy…