Steve Ragan reports on a leak first uncovered by Chris Vickery of MacKeeper Security Research Center. Kudos to Steve for ensuring that notification was made so that the files got secured, even though it’s not yet clear for how long they were exposed and whether others may have accessed them. Steve writes: Misconfigured Rsync instances…
Category: Exposure
Translation company leaks personal data of employees, customers, and many other private documents online
Zack Whittaker reports: A California-based translation and interpreter company has confirmed a massive data exposure, which if abused could have let hackers raid the company’s systems and email accounts, and ransack other sensitive corporate and financial information. What happened? Blame an unprotected backup drive spilling thousands of files onto the internet. […] The drive belongs…
California snafu releases personal info of nearly 4,000 gun safety instructors
Perry Chiaramonte reports: The private information of thousands of California firearms instructors was accidentally released by the state late last year in response to a journalist’s Freedom of Information request. The data request was made in August, when a reporter for Southern California Public Radio (KPCC), an NPR affiliate, sought all information on Firearms Safety…
Confidential medical documents from Sainte-Justine Hospital leaked
Pasquale Turbide reports: Officials at Sainte-Justine Hospital are working to resolve a privacy breach after a pediatrician leaked confidential documents to a media outlet before taking his own life. According to Radio-Canada, Dr. Alain Sirard sent a USB key last December to Québécor that contained confidential documents, such as excerpts of medical files and reports…
Affiliates able to access databases of ALL Hello Markets brands and CRM data in massive security breach
Andrew Saks-McLeod reports: When providing white label solutions to brands, as is the case of a number of smaller retail FX brokerages that either do not have the resources or the business direction to invest in their own servers and infrastructure, as well as the entire OTC binary options business, the security of data is…
Ball State U. sends ‘accidental email,’ violates FERPA
Oops. The Ball State Daily reports: An email sent out on Tuesday did more than just inform students about their academic status. Students who earned a GPA below 2.0 were notified in December about their academic progress, and on Jan. 10, another email was intended to inform students about ways to improve their GPAs. But…