James Temperton reports: WHSmith‘s website has randomly sent out hundreds of private emails to people on its mailing list. The issue appears to come from a broken “contact us” form, with anything customers send through the form being erroneously sent to hundreds of WHSmith’s customers. Details included in the emails include real names, phone numbers,…
Category: Exposure
UK: London clinic accidentally exposes HIV status of 780 patients
Joseph Patrick McCormick reports that 780 patients at the 56 Dean Street sexual health clinic in London had their names, HIV status, and contact details exposed to one another. The breach occurred when an employee sent out an email newsletter but put the mailing list in the “To:” field instead of the “bcc” field. The clinic…
Ca: Limestone District School Board concludes breach investigation
CKWS reports: In February the Limestone District School Board launched an investigation after thousands of documents containing personal information including social insurance numbers, addresses, banking and beneficiary information was discovered by a student using a computer at a local school. The records involved both past and present staff dating back to 2001, some 5 thousand people…
Backblaze Faces Class Action Over Unencrypted Hard Drives
Tamara Burns reports: Backblaze Inc., a company specializing in computer data backup and recovery, is the subject of a proposed class action lawsuit filed last Friday. The class action lawsuit alleges Backblaze puts private customer data at risk by shipping them unencrypted external storage drives. [….] Plaintiff Scott Hellervik takes issue with Backblaze’s procedures for…
Minnesota blames faulty web portal for breach of 18 residents’ driver’s license information
AP reports: Minnesota officials say driver’s license data on 18 residents was accessed after a password-protected portal was inadvertently opened online. The Department of Public Safety said Monday the breach happened when a server update accidentally removed the authentication process to access the state’s driver’s license database. Two individuals used the portal 55 times between…
BNY Mellon accused of leaking confidential client data
A press release from Novick & Associates, P.C.: Another bizarre incident occurred in the ongoing litigation between the sons of renowned East Hampton sculptor Norman Mercer and BNY Mellon (BNYM), which is administering his estate, when the bank improperly turned over personal and financial information about its other trust account beneficiaries residing in the New York Tri-state area. In its…