Chris Vickery writes: I was surprised to read that the crooks nabbed a MongoDB from Verizon that is being sold on the black market for $100,000. The reason I’m surprised? Well, I discovered a highly similar Verizon breach this last December. Brian Krebs recently reported on a Verizon data breach here: https://krebsonsecurity.com/2016/03/crooks-steal-sell-verizon-enterprise-customer-data I don’t know for…
Category: Exposure
Norfolk Admirals’ data breach exposes customers’ names, other information
Kimberly Pierceall reports: A hacker posted several thousand Norfolk Admirals customers’ email accounts, addresses and names on Wednesday, but the team’s online security firm says the data breach affected only about 250 customers. Norfolk Admirals Vice President Joe Gregory said his online security firm eliminated duplicates and spam email addresses from the list, significantly winnowing…
Vidant Health notifies patients whose PHI was exposed in court bankruptcy filings
Vidant Health, who notified employees at its Duplin hospital of a breach in February, has been notifying patients of a separate breach. In a letter to 897 patients, Privacy Officer Joy Hardee writes that Vidant first discovered a problem on January 14, 2016. The letter does not indicate when the breach first occurred, however. … We are…
Truecaller Fixes Data Leaking Hole in Android App
Chris Brook reports: Researchers are encouraging Android users who may have downloaded a popular caller identification application to update, as a previous version of the app inadvertently leaked user information. The app, Truecaller, specializes in phone call management and has been installed at least 100,000,000 times, according to its listing on Google’s Play marketplace. While…
Vulnerabilities in a Third-Party Healthcare Payment Processor
Randy Westergren looked into Christiana Care’s online payment portal, which involves a third party payment processor developed by BYL Companies, LLC. What Randy found was very concerning, and he promptly notified BYL of his findings. You can read his write-up of it all on his site. So here’s the thing: how many people may have actually exploited the vulnerability…
NY: Nurse who took pics of patients’ private parts at Syracuse hospital turns in license
James T. Mulder reports a follow-up on a very disturbing patient privacy breach: A nurse who took photos of an unconscious [SUNY] Upstate University Hospital patient’s penis with her smart phone has turned in her nursing license. The state Education Department announced it has approved a request from Kristen Johnson, 27, of Fulton to surrender her…