Over on Twitter, Brian Honan just noted that two infosec stories led the evening news in Ireland tonight. One of them surely must be the Loyaltybuild/Supervalu breach, reported previously on this blog. I suspect this is the other one: The Road Safety Authority has confirmed that a data breach has occurred on the website for…
Category: Exposure
IN: Jeffersonville reports ‘serious’ breach of personal data that has been recurring since…. 2001!
Charlie White reports: Jeffersonville is notifying city vendors and officials of a recurring “serious” data breach in which their names and addresses — and some Social Security numbers — were mistakenly e-mailed to city employees. “Because this is a serious incident, we strongly encourage you to take preventative measures now to help prevent and detect…
JP: University private info left open to public access
Some Japanese universities found out the hard way about the risks of networked multifunction printers: Personal information on students and other university members, which is read by and stored in all-in-one machines at the University of Tokyo and two other universities, was left accessible to the public via the Internet, it has been learned. The…
Adobe breach even bigger than we knew
Yes, the Adobe breach is back in the news as some have discovered that a data dump posted online contains the email addresses, encrypted passwords and password hints stored in clear text from 152 million Adobe user accounts. Embarrassingly, one report notes that 1.9 million Adobe users used “123456” as their password.
MN: Auditor says slack procedures contributed to MNsure breach
Jackie Crosby reports: The state’s Office of the Legislative Auditor said Thursday that a data privacy breach at MNsure involving 1,600 Social Security numbers was unintentional, but that slack internal procedures at the new health insurance exchange agency “contributed directly” to the disclosure. In a 22-page report, Legislative Auditor Jim Nobles found “no evidence of…
AU: Hunter United Credit Union admits it tried to avoid embarrassment over email privacy breach
So you goofed and disclosed customers’ e-mail addresses in the To: or CC: field. Should you: (a) immediately acknowledge the gaffe, or (b) say nothing and hope that people don’t notice? Hint: the correct answer is (a).