Melanie Kendall reports: A Madison County man says he found thousands of medical records stuffed in a dumpster. Carl Swanger says Saturday he found 65 boxes filled with patient information, including social security and credit card numbers. He says immediately he knew something wasn’t right. The boxes were stuffed in a dumpster at AAA Rent-A-Space…
Category: Exposure
UK: ‘Outrage’ in Mansfield and Ashfield after personal records of hundreds of residents found dumped in bin
Joe Malone reports: Residents across Mansfield and Ashfield have been left ‘outraged’ after hearing that their private documents were found dumped in a recycle bin on Wednesday. The documents belong to a quick cash loan company called Morsesclub, who merged together with Shopacheck Financial Services Limited in March. Among the documents found in Sutton, were…
56 MEEELLION credentials exposed by apps say infosec boffins
Darren Pauli reports: Researchers from the University of Darmstadt say app developers have exposed 56 million credentials by borking login processes using services from Google, Amazon, and Facebook. The research team tested 750,000 Android and iOS applications, examining the way they used the federated identity services to make authentication smooth across different devices. The team…
Woolworths leaks $1 million of gift cards in massive data breach debacle
Oops. Grocery giant Woolworths has scrambled to cancel over $1 million worth of shopping vouchers after a massive leak of customer data, in which it mistakenly emailed the redeemable codes of 8000 gift cards containing the customers’ names and email addresses. Fairfax Media has obtained a copy of the email which contained an excel spreadsheet with the names and email address…
Yemen Cyber Army dumps visa data from Saudi Ministry of Foreign Affairs
The Yemen Cyber Army (YCA) has released more data from its hack of the Saudi Ministry of Foreign Affairs (previous coverage here and here). Media sources reported after the first disclosure that Riyadh confirmed the internal Internet network attack but disputed the extent of the hack. At this rate, their protestations might want to be walked…
Jersey City Medical Center employee gaffe exposed patients’ PHI in e-mail attachment
Add Jersey City Medical Center to entities experiencing an e-mail breach of PHI. From their statement of April 20, 2015: On February 19, 2015, as part of routine hospital operations, an employee of Jersey City Medical Center accidentally sent an e-mail meant for internal use that included an attached spreadsheet with some patient information to…