Brian Krebs reports: Big-three consumer credit bureau Experian just fixed a weakness with a partner website that let anyone look up the credit score of tens of millions of Americans just by supplying their name and mailing address, KrebsOnSecurity has learned. Experian says it has plugged the data leak, but the researcher who reported the finding says…
Category: Exposure
Maine government website displayed mental health patients’ confidential information
Matthew Stone reports: A state agency displayed confidential information about patients of Maine mental health and addiction treatment agencies and group home residents on a public website, a Bangor Daily News review found. At least 20 documents on the Maine government website contained names and, in some cases, addresses, dates of birth and phone numbers,…
No need to hack if it’s leaking, Wednesday edition: Wyoming Department of Health
From the Wyoming Department of Health, a report involving another GitHub leak: Exposure of Laboratory Test Result Data Described April 27, 2021 The Wyoming Department of Health (WDH) is announcing a mistaken exposure of laboratory test result data involving the health information of thousands of Wyoming residents and others, as well as describing its plan…
Reverb discloses data breach exposing musicians’ personal info
Lawrence Abrams reports: Popular musical instrument marketplace Reverb has suffered a data breach after an unsecured database containing customer information was exposed online. Reverb is the largest online marketplace devoted to selling new, used, and vintage musical instruments and equipment. Today, Reverb customers began receiving data breach notifications stating that customer information was exposed, including…
Ca: Privacy commissioner investigating COVID Secretariat data breach
Luke Carroll reports: The Information and Privacy Commissioner (IPC) is investigating a data breach by the COVID-19 Secretariat where the identities of residents self-isolating were disclosed. The email addresses — and in some cases names — were revealed in an email sent out to travellers who were self-isolating. CKLB has obtained a copy of the…
UK: Hundreds of furious Football Index investors have their identities revealed by DCMS email gaffe
Daniel Davis reports: The Department for Digital, Culture, Media and Sport have been embroiled in a sizeable data breach after an email sent out to hundreds of furious Football Index customers did not hide their identities. The government were contacted by a large number of investors in the wake of the collapse of the online…