From the Information Commissioner’s Office: Dumfries and Galloway Council breached the Data Protection Act by accidentally publishing a spreadsheet containing the names, salaries and dates of birth of nearly 900 current and former employees on their website, the Information Commissioner’s Office (ICO) said today. The personal information – which was mistakenly disclosed as part of…
Category: Exposure
SAISD website exposes students’ personal info (updated)
Lindsay Kastner reports: Confidential information about dozens of San Antonio Independent School District students was exposed on the Internet, apparently for months, and officials were scrambling Friday to repair the security breach. A Google search by a San Antonio Express-News reader who was checking out an unfamiliar phone number brought up the district’s “Potential Dropout…
AU: First State Superannuation fails to adequately secure online accounts, then threatens the security researcher?
First, let’s start with the breach, as reported by Darren Pauli on SC Magazine: A security researcher was questioned by NSW Police after quietly reporting a massive security gaffe to First State Superannuation that potentially exposed millions of customer accounts. Patrick Webster found he was able to access electronic superannuation notices of any customer by…
Top Tory ‘lost voters’ personal info’ days before ID fraud week
Anna Leach reports: Just days before the start of National Identity Fraud Prevention Week on Monday, the Prime Minister’s chief policy advisor Oliver Letwin has been snapped binning what appear to be documents containing personal information in a public park. The discarded documents are said to include the addresses of Letwin’s constituents in West Dorset,…
Social Security kept silent about private data breach
Thomas Hargrove writes: The Social Security Administration has failed to inform tens of thousands of Americans that it accidentally released their names, dates of birth and Social Security numbers in an electronic database widely used by U.S. business groups. The federal agency has kept silent about a potentially harmful security breach of the personal data…
UGA personnel data posted on web site (Updated)
Laura Diamond reports: University of Georgia officials are investigating how personal data on nearly 19,000 employees was publicly available on a university web site since at least 2008. […] The database was created for internal purposes and included the Social Security number, date of birth, employee name and other sensitive information for everyone who was…