Max Metzger reports: A list of suspected criminals has been leaked online. The list was leaked from a Thomson-Reuters due diligence service, World-Check. which profiles individuals and businesses suspected of ties to organised crime and terrorism. The leaked database contains 2.2 million records from an old list, dated back to mid-2014. Read more on SC…
Category: Exposure
Massachusetts General Hospital Dental Group notifies patients of Patterson FTP server incident
Back in February, this site reported that a Patterson Dental anonymous FTP server was leaking patient data, according to a security researcher who had discovered the problem and reported it to them and then this site. One of the entities, the Massachusetts General Hospital Dental Group, had patient data caught up in that leak, and…
French police hit by security breach as data put online
BBC reports: The personal details of 112,000 French police officers have been uploaded to Google Drive in a security breach just a fortnight after two officers were murdered at their home by a jihadist. A mutual organisation which provides extra health and other insurance benefits for police says the details were uploaded by a disgruntled…
Lording it over the healthcare sector: health insurer database with 9.3M entries up for sale
As if yesterday’s news that three databases with 655,000 patients’ records were up for sale on TheRealDeal by “TheDarkOverlord” wasn’t disturbing enough, today they’ve listed a database with 9.3 million records from an unnamed U.S. health insurer. The listing sets a retail price of 750 BTC, which is almost $500,000.00, and the seller describes it this…
More details emerge on hacked patient databases up for sale
Yesterday, I reported that three unidentified patient databases had been put up for sale on the darknet on TheRealDeal market. I was subsequently able to have a chat with TheDarkOverlord (the hacker/seller) about the hacks and the refusal of the victims to pay the extortion demands. You can read more of what TheDarkOverlord shared with me…
Trying to get Maricopa County to respond to a privacy concern? Good luck with that!
As I’ve lamented (ok, bitched) many times: trying to notify an entity of a privacy or data security concern can be time-consuming and frustrating if the entity does not provide a clear means to notify them or doesn’t respond to your e-mails or calls. If you are thinking of trying to notify Maricopa County, Arizona…