Earlier this week, Dan Goodin reported: Online petitions service Change.org has a website bug that’s disclosing e-mail addresses that presumably belong to current or former subscribers. Search results suggest the number could be thousands, but a Change.org official said it was about 100. The disclosure bug was active at the time this post was being…
Category: Exposure
Horrific privacy breach by Tewksbury Public Schools
Cross-posted from PogoWasRight.org. Okay, this is really bad, on multiple levels. Brendan Foley and Jayne Miller report: Tewksbury Public Schools face angry parental backlash following the release of private student information online last week. A document included in a 222-page School Committee packet remained online for the better part of a week, before being taken…
CA: Email error exposes 845 Tulare County patients’ email addresses.
The Tulare County Health & Human Services Agency (HHSA) has announced a potential breach involving the protected health information of 845 patients seen at the Visalia and Farmersville clinics who use the online Patient Portal. The potential breach occurred on March 19, 2015, when an employee sent an email and neglected to encrypt and blind…
Auburn University notifying over 360,000 current and former students of breach
Oops. Auburn University discovered that students’ personal information – names, postal and email addresses, dates of birth, Social Security numbers, and students’ academic information – was exposed on the Internet between September 1, 2014 and March 2, 2015 when they discovered the problem. No financial information, bank account or payment card information was involved. While the university…
California Department of Business Oversight accidentally disclosed personal information to public records requestors
California’s Department of Business Oversight is notifying some investment advisers and dealer-brokers that due to a redaction error on the department’s part, their Social Security numbers were sent to public records requestors. The breach, which occurred on January 5, was not discovered until March 11, and the department does not indicate how it first became aware…
Florida Department of State confirms data breach
Florida’s Department of State has now issued a press release about a breach first reported on this site yesterday. Here’s their statement: The Florida Division of Elections has learned of the inadvertent release of non-confidential voter information that occurred in March following the fulfillment of voter registration record extract requests. The Division of Elections has confirmed…