Randy Ludlow reports: A state agency mistakenly turned over the personal information and bank-account numbers of about 60 Ohioans to a pair of vendors, including one that sent the records to be copied by a third party. Officials of the MARCS emergency-communications system within the Department of Administrative Services didn’t notify people whose Social Security,…
Category: Exposure
ICO takes enforcement action against Alzheimer’s Society (UPDATED)
From the ICO: The ICO has found serious failings in the way volunteers at a national dementia support charity handled sensitive personal data. It has orderedThe Alzheimer’s Society to take action after discovering that volunteers were using personal email addresses to receive and share information about people who use the charity, storing unencrypted data on…
Southern New Hampshire U. still investigating database leak exposing over 140,000 records
Steve Ragan reports: Southern New Hampshire University (SNHU) says they’re still investigating how a database containing some student and class information was exposed to the public. The database was discovered by researcher Chris Vickery shortly before Christmas. Vickery turned to Salted Hash for assistance in resolving the matter, as previous attempts to contact the university…
Bucking Clapper? Massachusetts court holds patients have standing to sue based on mere exposure of data alone
In August, 2014, I noted a report involving a transcription contractor of Boston Medical Center exposing patient information on the Internet. BMC notified approximately 15,000 patients and fired MDF Transcription Services because of the incident. Of note, BMC told patients in a notification letter that it had no reason to believe their information had been misused…
In: Confidential data stands exposed on GHMC website
The Hindu reports: It is a free for all on Greater Hyderabad Municipal Corporation’s portal when it comes to data about births or deaths. Thanks to its sloppy security, confidential records of several thousands, alive and dead, stand exposed on the municipal body’s website. At a click of the mouse, birth and death enquiry links…
Did a Christian right-wing organization expose private details of millions of people?
First someone left our voter registration details exposed to the world, but those were “just public records,” some argued. Now a second misconfigured database has been uncovered by Chris Vickery. This one, however, not only includes some states’ voter lists, but it also includes 19 million profiles with private information on religion, household values, gun ownership…