Zack Whittaker reports: Zocdoc says it has fixed a bug that allowed current and former staff at doctor’s offices and dental practices to access patient data because their user accounts weren’t properly decommissioned. The New York-based company revealed the issue in a letter to the California attorney general’s office, which requires companies with more than 500 residents…
Category: Exposure
Riagg files of thousands of patients open and exposed in a basement
The this post uses machine translation of a report in Dutch. It concerns the discovery of patient files on CDs found unsecured in the basement of a building that, until 2015, was a former mental health institution — the Riagg Rijnmond Foundation. Rutger de QuayRik Wassens report that the young man who found the files…
NY: EMT posted patient’s confidential info from ambulance, alleges lawsuit
The Staten Island Advance reports: Thanksgiving 2019 is a day one Stapleton resident will never forget. But for all the wrong reasons. An emergency medical technician posted Jermaine Williams’ confidential medical information and cell-phone number online that night without his consent, a lawsuit alleges. And others saw it, William’s lawyer said. At the time, Williams…
Data of 100+ million Android users exposed via misconfigured cloud services
Ionut Ilascu reports: Security researchers discovered that personal data of more than 100 million Android users has been exposed due to various misconfigurations of cloud services. The data was found in unprotected real-time databases used by 23 apps with download counts ranging from 10,000 to 10 million and also includes internal developer resources. Read more…
Recruiter’s Cloud Snafu Exposes 20,000 CVs and ID Documents
Phil Muncaster reports: Tens of thousands of jobseekers have had their personal information exposed by a misconfigured cloud account, according to researchers. A team at Website Planet discovered the AWS S3 bucket left unprotected and unsecured by FastTrack Reflex Recruitment, now TeamBMS. The firm apparently specializes in recruitment for the building management systems sector, for projects including skyscrapers…
Wyoming Health Director, Tech Officer Quit After Data Leak
Mead Gruver of AP reports: Wyoming’s health director and chief information officer have resigned after a data leak involving the personal information of tens of thousands of people who were tested for the coronavirus. A state Department of Health employee working with computer code accidentally released COVID-19 test results, as well as blood alcohol test…