From the Information Commissioner’s Office: A council has been fined £70,000 by the Information Commissioner’s Office (ICO) for leaving vulnerable people’s personal information exposed online for five years. The Data Protection Act requires organisations to take appropriate measures to keep personal data secure, especially when dealing with sensitive information. But Nottinghamshire County Council posted the…
Category: Exposure
Personal info, Social Security numbers for lacrosse players posted on MLL website
WHEC reports: Major League Lacrosse is investigating a massive data leak that exposed every individual player’s personal information. According to an email the league sent to all players Monday evening — that was in turn sent to News10NBC by a player — a link on one of their website pages mistakenly re-directed browsers to a…
Tax documents with personal info found in East Naples dumpster
WINK News reports: A box with files full of tax-related personal information from dozens of people was found in an open dumpster by U.S. 41. A man, who declined to be identified, made the discovery last month while bicycling near the dumpster at a plaza in East Naples. The files were stuffed with unshreded forms…
Insurer’s mailing to customers made HIV status visible through envelope window
Erin Mershon reports that a mailing error by health insurer Aetna exposed sensitive information: Thousands of people with HIV received mailed letters from Aetna last month that may have disclosed their HIV status on the envelope. The letters, which Aetna said were sent to approximately 12,000 people, were meant to relay a change in pharmacy…
KS: When your incident response creates a second problem….
On August 16, Salina Family Healthcare posted a substitute notice about a ransomware incident: Salina, Kansas – August 16, 2017 – Salina Family Healthcare Center (“SFHC”) has become aware of a data security incident that may have resulted in the disclosure of personal and protected health information of our patients and payment guarantors. Although at…
AU: OAIC investigating Flight Centre customer data leak
Allie Coyne reports: Travel agency Flight Centre is under investigation by the country’s privacy regulator after accidentally releasing personal information of an undisclosed number of its customers to third-party suppliers. The firm confirmed last month that “human error” was behind the data breach. It has not said how many customers were affected, nor what personal…