Catalin Cimpanu reports: Dutch IT security expert Sijmen Ruwhof has found a pretty big blunder on the part of Danske Bank, Denmark’s biggest bank, which exposed sensitive user session information in the form of an encoded data dump, in their banking portal’s JavaScript files. Mr. Ruwhof started to research Danish banking policies out of curiosity,…
Category: Exposure
Affinity Health Plan notifies members of PHI breach
Affinity Health Plan notified 496 heads of household within Affinity’s membership on August 21, 2015, about the disclosure of some of their personal information via a mailing of Child Health Plus renewal letters. A sample of the notification letter sent to affected households can be found in this link, which explains the incident in greater detail. On…
NZ: Kiwis’ private medical information spilled in email gaffe
Simon Plumb reports: A Ministry of Health email blunder has spilled private medical information of 24,000 Kiwis. Officials are investigating how a spreadsheet of National Health Index (NHI) numbers, containing the birth and death dates of 24,092 people, was emailed to around 950 pharmacists yesterday morning. The email was supposed to be sent internally. Security…
MI: Man wants to return personal docs found in illegal dumping
Randy Wimbley reports: Illegal dumping in Detroit is not uncommon – but one case in Brightmoor is especially alarming. […] A moderate pile of junk included personal documents from the Social Security Administration and the Ferndale Housing Commission. Read more on FOX2 Detroit. The data appeared to be from 2009 – 2013, but since SSN…
Golden State Risk Management Authority notifying members of Systema Software incident
Despite having been notified almost one month ago by Chris Vickery and/or Systema Software, some entities whose databases were exposed on AWS by Systema Software still do not appear to have issued public statements about the incident. Nor have I seen any reports appearing on HHS’s public breach tool. But in a statement posted on its…
American Bankers Association notifies 6,400 to reset passwords after hack and data dump
So it seems that the American Bankers Association had a breach, although I didn’t see it any mainstream media reports. Marc Hochstein noted the breach in a column he wrote today: American Bankers Association separately said that email addresses and passwords used to make purchases or register for events through its online shopping cart had…