Another site that reports on health data breaches tends to report on VA breaches in terms of percentage change from the previous month. DataBreaches.net does not do that because, frankly, there’s no consistent pattern or trend, and month-to-month comparisons don’t strike this blogger as particularly useful. Consider the stats from the last three months’ reports: February Summary:…
Category: Exposure
Was chatting about marijuana on TheTreesNetwork hazardous to your privacy?
In today’s installment of misconfigured databases, include more than 10 million chat messages from more than 44,000 users on TheTreesNetwork. Chris Vickery, security researcher at Kromtech, writes: I have information on two different breaches to share today. Coincidentally they both involve sites that show videos to their user base. The first has to do with TheTreesNetwork.com,…
Privacy commissioner closes door on Corner Brook privacy breach
Mistakes happen, and not every incident should result in a regulator investigation or smackdown. Cory Hurly provides a useful example of that: Given there was no complaint from anybody potentially impacted by an inadvertent release of documents on the City of Corner Brook’s website, the Office of the Privacy Commissioner has all but closed the file. Sean Murray,…
Talentbuddy.co / Talentguide.co Database Exposed, Company Reacts Swiftly
Another day, another misconfigured MongoDB database installation. This one, uncovered by RiskBased Security, involved Udemy‘s Talentbuddy.co. RBS writes: In total, there have been 38,791 users accounts from the talentbuddy.co website and a further 22,761 users from the Talentguide.co website exposed, with usernames, email addresses, passwords, Linkedin profile information, and other site-related information such as registration dates,…
Nulled.io crime forum breach could cause a world of pain for members
Dan Goodin reports: A website that openly facilitated the brokering of compromised passwords, stolen bitcoins, and other sensitive data has been hacked, exposing login data, IP addresses, e-mail addresses, purchase histories, and private messages for some 500,000 members. Nulled.io, a hacker forum that used the tagline “expect the unexpected,” was compromised earlier this month in…
John McGuinness says HSE in “serious breach of data protection” as patient files stored in unlocked outhouses
MaryAnn Vaughan reports: A Kilkenny Dáil Deputy says the HSE locally has seriously breached Data Protection. John McGuinness says it was brought to his attention that there are boxes of patient and HSE workers’ files stored in unlocked outhouses at the site of their auxiliary hospital on Wolfe Tone Street in Kilkenny. Read more on…