Lizzy Buchan reports that there was a second email gaffe that exposed additional Afghan interpreters. Once again, it seems, email addresses were visible to all addressees instead of being in the blind-copied fields. Some 55 people’s details were revealed, according to the BBC. The disastrous blunder comes after Defence Secretary Ben Wallace was forced to…
Category: Exposure
Oops? RaidForums data marketplace accidentally exposes private staff page
Ax Sharma reports: RaidForums is an underground place where private databases obtained from data breaches, vulnerability exploits, and credit card information sets are illegally traded by threat actors, or sometimes leaked for free. On RaidForums, the “Staff General” section is typically restricted to internal staff members only, but in an ironic twist of fate, this private section was accidentally left open for viewing by…
Afghanistan: Investigation launched into interpreter data breach
Today’s reminder that even the leak of an email address can put someone’s life at risk. Phil Kemp, Lucy Manning, and Ed Campbell report: Defence Secretary Ben Wallace has ordered an investigation into a data breach involving the email addresses of dozens of Afghan interpreters who worked for British forces. More than 250 people seeking…
EventBuilder misconfiguration exposed event registrants’ information
If you ever used EventBuilder to register as an attendee at an event, then you may be among those whose personal information has been exposed in a leak estimated to have affected more than 100,000 people. The leak was spotted by Bob Diachenko and responsibly disclosed by Diachenko and Clario Tech according to a new report…
MN: Mankato Clinic notifies patients of health data breach
Mitch Keegan reports: The Mankato Clinic has notified more than 500 patients of a breach of unsecured protected health information. In a news release, Mankato Clinic says on August 3rd an electronic spreadsheet containing patient information for 535 patients was mistakenly e-mailed to a colleague of a Mankato Clinic employee to an external e-mail account. The e-mail…
TX: Lubbock County confirms private information accessible under new computer system, says situation not a data breach
Samantha Jarpe reports: Lubbock County released a statement Tuesday about previously private court information being made available to the public via a new records system. An earlier release by the Lubbock County Defense Lawyers Association characterized the incident as a data breach. The association said it became aware of the situation September 10. According to…