CONSENT ORDER NEWARK – Acting Attorney General Andrew J. Bruck today announced that the Division of Consumer Affairs has reached a settlement with three New Jersey-based providers of cancer care that the State alleges failed to adequately safeguard patient data, exposing the personal and protected health information of 105,200 consumers, including 80,333 New Jersey residents. Under…
Category: Exposure
MA: Northeastern Cancels Vaccination Clinics After Third-Party Information Leak
Jay Willett reports: COVID-19 vaccination clinics scheduled on Northeastern University’s Boston campus have been cancelled following the discovery of registrants’ personal information being exposed by Pelmeds, a third-party vaccine provider. In a statement shared with WBZ NewsRadio, Northeastern said that the information was present on Pelmeds’ website. “As soon as the university became aware of…
LINE Pay leaks data from approximately 133,000 users to GitHub of all places
Sunaina reports: LINE Pay, a smartphone payment provider, announced yesterday that between September and November of this year, approximately 133,000 users’ payment details were inadvertently published on GitHub. A research group employee accidentally uploaded files detailing participants in a LINE Pay promotional programme staged between late December 2020 and April 2021 to the collaborative coding…
Tulane University crime data breach exposes health records, sexual assault victims’ names
Missy Wilkinson Reports: Health records and names of people who visited Tulane University Medical Center’s emergency department, including for attempted suicide. Graphic information about sexual assaults and the identities of the victims, witnesses and suspects. All this and other sensitive information protected under federal privacy laws was visible to anyone with a Tulane email address…
Sensitive information of 30k Florida healthcare workers exposed in unprotected database
Jonathan Greig reports: More than 30,000 US healthcare workers’ personal information was recently exposed due to a non-password protected database, according to security researcher Jeremiah Fowler and a team of ethical hackers with Website Planet. Fowler discovered a database run by Gale Healthcare Solutions with 170,239 exposed records that included names, emails, home addresses, photos and in some…
Oops! County explains how driver’s licenses were posted in place of animal adoption photos
Jakob Emerson reports: Sangamon County Animal Control (SCAC) is embroiled in a community controversy once again. SCAC is responsible for the sharing of uncensored photos of Illinois driver’s licenses to the internet in the place of photos of animals available for adoption at the facility. Anyone in the world with an internet connection could see photos, names,…