An investigation has been launched into why crates of medical records were left lying unattended in a corridor at a Scottish hospital. The records, which contained highly personal information, were discovered by a member of the public at the Southern General hospital in Glasgow. Read more on BBC.
Category: Exposure
Xcel Energy notifies employees of small, contained breach
Through its lawyers, Xcel Energy notified (pdf) the New Hampshire Attorney General’s Office that an email error by an employee resulted in the names and Social Security numbers of a number of employees being distributed to other Xcel employees and managers who should not have received the Social Security numbers. The company’s internal investigation indicated…
UT: Students’ personal information accidentally e-mailed to other students
Randall Jeppesen reports: Thousands of BYU [Brigham Young University] students got a glimpse at some of their fellow students’ private information. With the click of a mouse, a list with some BYU students’ names, their ID numbers, GPAs, e-mail addresses and home addresses was sent to 2,500 students in the College of Humanities. “It was…
NZ: Massey University Experiences Serious Breach Of Security
The Massey University intranet system utilised by students from all across New Zealand, MyMassey, is under scrutiny after a severe breach of security left thousands of students able to access other people’s highly sensitive information. Rawa Karetai, President of the Albany Students’ Association, was one of the first students to notice this critical error: “I…
Met Life fax malfunction misdirects personal info
Metropolitan Life Insurance (Met Life) has notified (pdf) the Maryland Attorney General’s Office that for about two days in January, their electronic fax server malfunctioned after they had uploaded a software patch. As a result, personal information on some customers — including names, addresses, and Social Security numbers — was misdirected to other fax numbers….
NL: Bike locker codes – and bank account info – up for grabs
Karin Spaink reports: The personal details – name, home address, bank account, card number and unlock code – of the 50.000 people who have a subscription with OV-fiets, where they rent a bike locker at train stations, were available through the OV-fiets website. To retrieve personal data from the website, no password was needed, only…