John Leyden reports: Organisers of the UK’s cyber security challenge committed an embarrassing email blunder by inadvertently revealing the email addresses of everyone who entered a forensics challenge to each other. A single challenge registration confirmation was CCed to everyone who entered, handing over a complete email list in the process. Read more in The Register.
Category: Exposure
Follow-up: Lawsuit filed over horrific student records breach
Kathianne Boniello reports that a parent and her child are suing the New York City Department of Education after the child’s high school dumped hundreds of unshredded confidential student records onto the street last year. The incident was covered on this site here. The School for the Physical City filled a Dumpster with 15 cardboard…
UK: East Lothian Council exposes cabbies’ personal info on web site
Kirsty Gibbins reports: East Lothian Council has apologised over a “serious” staff error which saw the personal details and previous convictions of taxi licence applicants published on the local authority’s website for two hours. The names, addresses, telephone numbers, driving history and criminal records of 12 applicants for either taxi driver or operator licences –…
Delaware retiree sues Aon, citing “irreparable harm” (UPDATE)
From Courthouse News: Aon Consulting disclosed online the names and Social Security numbers of 22,000 state retirees, a class action claims in New Castle County Court. The class claims Aon did not bother to scrub personal information before posting online a request for proposals from insurers. “Gail Slaughter’s identity is likely for sale on the…
MN: Exposed student data leaves prying eyes wide open
Anthony C. Maki reports: An online MCTC [Minneapolis Community and Technical College] directory left sensitive student data and internal documents accessible to the prying eyes of anyone with an Internet connection since at least the summer of 2006, according to an investigation by City College News. Besides annual accounts-receivable reports and salary rosters, a database spanning…
UK: Council data leak sparks fraud fears
An investigation has been launched after the personal details of almost 2,000 council workers were leaked in a major security breach. Sensitive data including bank account details, addresses and national insurance numbers of employees and councillors at East Devon District Council were sent to a private email address by a former manager. Councillors have described…