Katrina Stokes reports: Private patient documents were accidentally left outside the old Royal Adelaide Hospital overnight in a potential security breach that has been labelled ”a serious matter” by doctors. […] A statement provided to The Advertiser from the Central Adelaide Local Health Network admitted the Health Department was “aware of an isolated issue regarding the…
Category: Exposure
AU: Port Phillip Council privacy breach exposes 700 email addresses
Ian Royall reports: Port Phillip Council has admitted a major privacy leak after exposing up to 700 ratepayers’ email addresses in a newsletter to residents about changes in Acland St in St Kilda. The data blunder was realised soon after the leak occurred last Friday but council only owned up five days later, notifying residents…
Thousands of Security Firm Job Applications Citing Top Secret US Government Work Exposed on Misconfigured Amazon Server
Dell Cameron reports: Thousands of files containing the personal information and expertise of Americans with classified and up to Top Secret security clearances have been exposed by an unsecured Amazon server, potentially for most of the year. The files have been traced back to TigerSwan, a North Carolina-based private security firm. But in a statement…
BroadSoft Inc. left millions of partners’ customer data records exposed
Bob Diachenko of Kromtech Security reports: One of the top companies that provides cloud-based unified communications has just leaked more than 600GB of sensitive files online. The Kromtech Security Center has discovered not just one but two cloud-based file repositories (AWS S3 buckets with public access) that appear to be connected to the global communication…
Yet another breach due to envelope windows?! CVS Caremark exposes patients’ HIV status in mailings
I can almost hear Yogi Berra saying, “It’s deja vu all over again.” Lou Chibbaro Jr. reports: CVS Caremark, a division of the CVS pharmacy and healthcare company, abruptly discontinued a mailing last week to patients in Ohio receiving HIV-related medication from the company after it learned that a reference to “HIV” appeared above the…
UK: Nottinghamshire County Council fined £70,000 for data protection breach
From the Information Commissioner’s Office: A council has been fined £70,000 by the Information Commissioner’s Office (ICO) for leaving vulnerable people’s personal information exposed online for five years. The Data Protection Act requires organisations to take appropriate measures to keep personal data secure, especially when dealing with sensitive information. But Nottinghamshire County Council posted the…