Jon Baines writes: If the Information Commissioner (IC) reasonably requires any information for the purpose of determining whether a data controller has complied or is complying with the data protection principles, section 43 of the Data Protection Act 1998 (DPA) empowers him to serve a notice on the data controller requiring it to furnish him with specified…
Category: Exposure
FL: Tax security form mailing error exposes 1,200 taxpayers’ Form 1098 information
Mike Deeson: We are learning more about a tax form mailing mixup that is much more wide spread than we originally thought. The mailing error, which involved Form 1098 mailings, and which affected people as far away as Tennessee, was traced back to an error by a mailing service used by Multi Financial Services: Ryan is…
Uber Apparently Left Part of Its Lost and Found Database Public
Jason Koebler reports: Someone named Angelica left a Patti Smith record in the back of her Uber on February 5th. I know this, and Angelica’s phone number, because Uber has left its internal lost-and-found records on a publicly accessible site. Read more on Motherboard. The Uber url that leaked the data is now 404.
TX: Lubbock Housing Authority assisting applicants after data leak
Matt Dotray reports that Texas residents who filed a Section 8 application with the Lubbock Housing Authority for rent assistance may have had their names, addresses, Social Security numbers, and estimated income exposed on the LHA’s web site when the wrong (unredacted) file was uploaded on December 23, instead of the redacted-SSN one. The file remained online…
Email gaffe exposes 347 Utah State University students’ Social Security numbers
HJNews reports: A Utah State University staff member accidentally sent an email message Thursday containing 347 individual names and Social Security numbers to a group of USU student veterans, the university revealed Friday. Read more on HJNews. The full statement from the university, linked from their home page yesterday, reads: Accidental security breach affects 347…
D.C. Public Schools Website Exposed Confidential Info About Students With Disabilities
John Templon reports: Like many institutions, the Office of Data and Accountability for Washington D.C.’s public schools uses an “intranet” for sharing confidential documents. Unlike most intranets, theirs was unintentionally public. […] Hundreds of documents were hosted on the intranet, some providing an unfiltered look into the inner workings of the city’s public school system,…