Statement on the school district’s website from Supt. Dr. Edgar B. Hatrick: Recently, the school system was informed of a security breach involving one of our software vendors. The vendor, Risk Solutions International, maintains the school system’s Emergency Management Plans. The website contains some personal information about students and staff members that is normally restricted to…
Category: Exposure
ZA: Hacker reveals e-toll website security flaw
Jan Vermeulen reports that a hacker has reported a vulnerability in the SANRAL website that exposes user information: This is due to a page on the South African National Roads Agency Limited (Sanral) website which can be exploited to expose the PIN of any registered e-toll website user. The page is intended to be used…
Acting Medicaid Director Releases Information on the Incorrect Mailing of Medicaid Cards
Raleigh, N.C. – Today, Department of Health and Human Services Acting Medicaid Director Sandra Terrell released the following information regarding the incorrect mailing of 48,752 Medicaid cards to the wrong addresses: After a review of the incident, it has been determined that some Medicaid cards were incorrectly sent because of human error in computer programming and…
Omniquad Surf Wall Remote injects string into the browser user agent that identifies users – claim
Back in October 2010, I noted a breach involving managed security services provider Omniquad. Omniquad acknowledged the breach that involved helpdesk tickets leaking online, but the firm’s managing director, Daniel Sobstel, subsequently claimed that Webroot reseller Infosec Technologies started contacting his customers and passing on misleading information about the size of the data breach. Now…
Irish credit union gaffe exposed almost 5,000 customers’ loan information online
Ah, this report from December 24th slipped by me. Cormac Murphy reports: In a major blunder, the borrowing amounts, loan durations and arrears of 4,971 members of Tullamore Credit Union were made public. The private database became freely available via the lender’s website last week and remained accessible for at least two days, it is…
Washington Dept. Social & Health Services sends sensitive info to wrong addresses
Christine Claridge reports: The personal information of up to 7,000 households receiving assistance from the state Department of Social and Health Services (DSHS) was sent in error to incorrect or old addresses, according the state Economic Services Administration (ESA). The administration confirmed in a news statement released Thursday that the private information of at least…