James Mayse reports for the Messenger-Inquirer: The names, Social Security numbers and dates of birth of thousands of people who visited the Green River District Health Department were available unsecured online for months, at least since October. But the company maintaining the computer database fixed the problem immediately Wednesday evening after being notified by the…
Category: Exposure
ESRB unintentionally exposes email addresses of people who filed complaints over Blizzard’s Real ID system
Gregg Reece writes about a reply-all gaffe exposing almost 1,000 individuals’ email addresses: During the recent Real ID catastrophe on the forums, many players decided to appeal to an industry source that might have been able to sway Blizzard to change its mind. These players contacted the ESRB (Entertainment Software Rating Board) as a Better Business Bureau-type…
AU: Mobile security outrage: private details accessible on net (updated)
Natalie O’Brien reports: The personal details of millions of Vodafone customers, including their names, home addresses, driver’s licence numbers and credit card details, have been publicly available on the internet in what is being described as an ”unbelievable” lapse in security by the mobile phone giant. The Sun-Herald is aware of criminal groups paying for…
FL: Social Security Numbers Found on Duval County Website
Maria Will knows to be careful on the internet, especially with private information like bank account and Social Security numbers. “Anybody can put an address in and pull up anything,” said Will. But she didn’t realize some of that protected information can be found on a government website. In at least one case, there was…
Seabury & Smith service reports security breach
Marsh U.S. Consumer, a Seabury & Smith service, recently reported a security breach to the New Hampshire Attorney General’s Office. The benefits plan provider reported that due to a programming error and transmission of incorrect URLs, a dedicated server for its client, ITT Corporation, was exposing some ITT employees’ benefits plan personal information to other employees…
PinnacleHealth notifies patients that a medical transcription service breach exposing patient records went undetected for two years
Another breach involving a transcription service. This time, it’s PinnacleHealth System in Pennsylvania, who recently reported an incident to HHS involving Gair Medical Transcription Services. On December 17, PinnacleHealth issued a press release that indicates that the breach may have occurred back in 2008, but was only detected when someone searching for something online stumbled across…