Dell Cameron reports: A leaky database has exposed the physical security of multiple Oklahoma Department of Public Safety facilities and at least one Oklahoma bank. The vulnerability—which has reportedly been fixed—was revealed on Tuesday by Chris Vickery, a MacKeeper security researcher who this year has revealed numerous data breaches affecting millions of Americans. The misconfigured…
Category: Exposure
Physician took work home, and there it stayed after his employment terminated (UPDATED)
Here’s a breach that was actually disclosed in June, but first was posted to HHS in July. Kudos to HIPAAJournal who found their statement on their website when my old eyes missed the small print. You can read HIPAAJournal’s coverage here. The following is from Midland Memorial Hospital’s statement concerning a breach that impacted 1,468 patients: MIDLAND,…
AU: Breach sees abusive dad given address to his kids
It’s these “small breaches” that are often the most worrisome, as I’ve said ad nauseum for a decade. Here’s a case where an agency screws up, and their incident response is appalling – and dare I say, negligent. Yahoo7 reports: A violent father barred from seeing his children has been handed their new address in a…
Baton Rouge police database ‘hacked’ in retaliation for killing of Alton Sterling
Patrick Howell O’Neill reports: Just days after the fatal shooting of a black man by Baton Rouge police prompted international outrage and a Justice Department investigation, the Baton Rouge city government’s servers have been “hacked” and 50,000 city police records leaked online including names, addresses, emails, and phone numbers. A hacker named @0x2Taylor claimed responsibility…
California Health Care Facility email gaffe results in notifications
California Health Care Facility, which is part of the California Department of Corrections and Rehabilitation, is notifying an unspecified number of people that their names and Social Security numbers were erroneously emailed to an unauthorized recipient in an attached document on May 2. The erroneous email was subsequently deleted from the server.
Still ignoring the smaller paper breaches? Stop.
Add this to your “small breaches, big impact” analyses. As seen on the New Zealand Herald: A doctor’s office disclosed a patient’s childhood abuse when a letter was sent to the person’s neighbour accidentally. The incident happened when the patient told their GP about past abuse, who referred them on to counselling to help work…