Mitch Keegan reports: The Mankato Clinic has notified more than 500 patients of a breach of unsecured protected health information. In a news release, Mankato Clinic says on August 3rd an electronic spreadsheet containing patient information for 535 patients was mistakenly e-mailed to a colleague of a Mankato Clinic employee to an external e-mail account. The e-mail…
Category: Exposure
TX: Lubbock County confirms private information accessible under new computer system, says situation not a data breach
Samantha Jarpe reports: Lubbock County released a statement Tuesday about previously private court information being made available to the public via a new records system. An earlier release by the Lubbock County Defense Lawyers Association characterized the incident as a data breach. The association said it became aware of the situation September 10. According to…
Walgreens’ Covid-19 test registration system exposed — and still exposes? — patient data
Sara Morrison reports: If you got a Covid-19 test at Walgreens, your personal data — including your name, date of birth, gender identity, phone number, address, and email — was left on the open web for potentially anyone to see and for the multiple ad trackers on Walgreens’ site to collect. In some cases, even…
Ottawa Hospital apologizes to unvaccinated staff for privacy breach
CBC reports: The Ottawa Hospital has apologized to unvaccinated staff after an email was sent out offering a vaccine education session with each recipient’s name visible to others. The email was sent from one of the hospital’s software systems and recalled immediately, the hospital said in a statement emailed to CBC, adding all copies of the email…
Fitness Tracker Data Exposed 61 Million Records and User Data Online
Jeremiah Fowler writes: On June 30th, 2021 the WebsitePlanet research team in cooperation with Security Researcher Jeremiah Fowler discovered a non-password protected database that contained over 61 million records belonging to users around the world. The massive amount of exposed records were related to IOT health and fitness tracking devices. Upon further investigation there were multiple references…
McDonald’s email blunder broadcasts database creds to comedy competition winners
Gareth Corfield reports: McDonald’s customers who won a prize draw competition got more than they hoped for after the burger chain emailed them login credentials for development and production databases used to power the campaign. The first person to report the blunder to McDonald’s, startup founder Connor Greig, told The Register: “It’s a bit weird,” adding…