Iain Thomson reports: Big-name websites leaked people’s private session keys and personal information into strangers’ browsers, due to a Cloudflare bug uncovered by Google security researchers. Cloudflare helps companies spread their websites and online services across the internet. Due to a programming blunder, for several months Cloudflare’s systems slipped random chunks of server memory into…
Category: Exposure
NYC Dept. of Education email gaffe exposes 439 paraprofessionals’ SSN
Jim Hoffer reports: New York City’s Department of Education accidentally sent out an email that had not just the names, but also the Social Security numbers of hundreds of employees. […] “The attachment was a list of Department of Education para-professionals, exactly 439 names, first, last names and Social Security numbers,” the teacher’s assistant said….
Millions of IGN and PCMag user records sit exposed, online
Chris Bing reports: A website configuration issue affecting itmanagement.com, a property owned by New York City digital publisher Ziff Davis, can be exploited to access a company database full of private user contact information, including names, phone numbers, employment details, email and employer addresses. The database also contains contact information for users registered on other Ziff Davis properties….
Guelph settles $1-million lawsuit, gets back personal files
City hall has settled the wrongful dismissal lawsuit launched by former chief building official Bruce Poole and has also recovered personal information about City of Guelph employees that was inadvertently given to Poole’s lawyers. These announcements, made in two separate but related city hall news releases late Tuesday afternoon, conclude a matter that cost deputy…
Harvard Computer Society’s Face Should be VERY Crimson: Inadvertently Exposed Student Info Online – for YEARS
Hannah Natanson & Derek G. Xiao report: More than 1.4 million emails—some divulging Harvard students’ grades, financial aid information, and at least one individual’s Social Security number—sent over Harvard Computer Society email lists were open to the public until Monday. Teaching fellows, resident tutors, College administrators, and thousands of undergraduates have used the email list…
UK: ‘Shambles’ as council makes blunder with children in care register
Express & Star reports: The council mistakenly sent the list of children, including personal information, to a number of its in-house foster carers. It has now launched an investigation into the data breach and insisted that ‘no children were put at risk’. But County Councillor George Adamson, who is also the leader of Cannock Chase District…