Ben Cubby reports: Personal information of more than 130,000 Telstra customers has been exposed in the latest large-scale privacy breach to strike big Australian companies. Telstra said a “misalignment of databases” rather than hacking was responsible for the breach, which saw customer details wrongly made available on the online White Pages and via directory assistance….
Category: Exposure
VA admits to improperly disclosing COVID-19 vaccine data for 500,000 staff
Nihal Krishan reports: The U.S. Department of Veterans Affairs has admitted that it failed to adequately protect COVID-19 vaccination status data for about 500,000 of its employees. Following an internal investigation by the VA’s Data Breach Response Service, the agency removed a spreadsheet containing personal details including vaccination status, according to a notice sent to the agency’s…
Florida state tax website bug exposed filers’ data
Zack Whittaker reports: A security flaw on the Florida Department of Revenue website exposed at least hundreds of taxpayers’ Social Security numbers and bank account numbers, a security researcher found. Kamran Mohsin said the security flaw — now fixed — allowed him, or anyone else who was logged in to the state’s business tax registration website,…
NZ: ‘Unfortunate and regrettable incident’: Inside the Otago University data breach
Hamish McNeilly reports: An online loophole allowed a handful of users to access a veritable treasure trove of information at the University of Otago. The types of information, revealed to Stuff following an Official Information Act request, included phone numbers, addresses, passport details, exam results, police vetting lists, academic integrity investigation invitation letters, referee reports,…
ICE accidentally released the identities of 6,252 immigrants who sought protection in the U.S.
Hamed Aleaziz reports: Immigration and Customs Enforcement accidentally posted the names, birthdates, nationalities and locations of more than 6,000 immigrants who claimed to be fleeing torture and persecution to its website on Monday. The unprecedented data dump could expose the immigrants — all of whom are currently in ICE custody — to retaliation from the…
No Need to Hack When It’s Leaking, Friday Global Edition
For today’s episode of “No Need to Hack When It’s Leaking,” DataBreaches brings you three leaks involving patient/medical information: one from the U.S., one from India, and one from Australia. Tridas Center Jeremiah Fowler and the Website Planet research team discovered an unsecured database containing more than 16,000 records with personally identifiable information about pediatric…