Some breaches make me want to curse. This news report out of Sevierville, Sevier County in Tennessee makes me want to yell, “When the hell are businesses going to start getting fined for just dumping unshredded files with PII?” … Kim Pierce runs a video store in Sevierville and was shocked at what she found…
Category: Exposure
University of Virginia gaffe exposes student applications with Social Security Numbers
Ted Strong reports: Roughly 300 transcripts, some containing complete Social Security numbers, were accessible through a University of Virginia website on Tuesday morning due to an as-yet unspecified human error, university officials have confirmed. The incident came to light when a student conducting a Google search for an image of himself found his transcript online….
A Bit Too Much Klout: User Says He Can Sign In To Someone Else’s Account
Ingrid Lunden writes: It’s not clear if this is a one-off glitch, a signal of a bigger issue — or a way of pumping up/sabotaging Klout scores for those who care. But it’s not great news any way you spin it, if it’s true: a Klout user has gotten in touch to say that when…
TalkTalk subsidiary’s customer data placed on the web in IIS whoopsie (updated with response from TalkTalk)
Bill Ray reports: Updated Greystone Telecom, adopted child of TalkTalk and provider of telecommunications to the business community, is unwittingly sharing customer and contract details with the world: but TalkTalk doesn’t care. The details include customer and contract prices, copies of sales orders and spreadsheets showing how things are going at the subsidiary which TalkTalk…
Update: Belfast councillors’ bank details blunder cost almost £65k
Remember that breach involving Belfast city councillors’ bank details? Lesley-Anne McKeown of the Belfast Telegraph reports on what the breach cost the city: A report presented to councillors has found that dealing with the security breach which was blamed on ‘human error’ cost £64,250 — most of which went on legal fees. Read more on…
UK: Contract catering firm signs undertaking to improve data protection
Without fanfare, the ICO has published an undertaking signed by Holroyd Howe Independent Ltd in Reading. The gist of the breach is that in response to a request for a copy of an ex-employee’s payslip (requested by the ex-employee), the data processor mailed a document disclosing the relevant month’s payslips for all of the contract catering firm’s…