Cybersecurity Researcher, Jeremiah Fowler, discovered and reported to vpnMentor about a non-password protected database that contained nearly 1.3 million records, which included COVID-19 testing information and personally identifiable information such as the patient’s name, date of birth, and passport number. Jeremiah Fowler writes: The publicly exposed database contained an estimated 1.3 million records that included 118,441…
Category: Exposure
Raptor Technologies’ unsecured blob exposure was worse than they acknowledged. Here’s what we know — and don’t know — so far.
On January 11, DataBreaches noted a concerning blob exposure discovered by Jerome Fowler and first reported by vpnMentor. As WIRED’s Matt Burgess reported: Last month, security researcher Jeremiah Fowler discovered 800 gigabytes of files and logs linked to school software provider Raptor Technologies. The firm provides software that allows schools to track student attendance, monitor…
Erie VA Medical Center says it regrets veteran info disclosure
Keith Gushard reports: The Erie VA Medical Center says it regrets any preventable disclosure of sensitive veteran information and takes appropriate action to inform and protect impacted individuals as quickly as possible. The statement, issued Monday, comes almost eight full weeks after a printing error was discovered about the potential disclosure of limited information that…
Fairfax Co. concludes investigation into student data breach
Scott Gelman reports: An investigation into how Fairfax County Public Schools accidentally shared other students’ private information with a parent during a fall meeting has concluded, Superintendent Michelle Reid said in a letter to families Thursday. The external review, conducted by the law firm Woods Rogers, found that the data breach occurred because the parent…
UK: Corringham school apologizes after sharing personal pupil data
Stuart Woodward and Shivani Chaudhari report: A school has apologised for sending an email to parents which listed the personal data of 69 pupils who were being disciplined for bad behaviour. The principal at Ortu Gable Hall School in Corringham, Essex, said the email was sent by mistake and parents were asked to delete it….
MoD fined £350k over data breach that endangered lives of Afghan interpreters
Public Technology reports: The Ministry of Defence has been fined £350,000 over a data breach that divulged the identities of hundreds of Afghan nationals who worked for the UK government in Afghanistan. According to data watchdog the Information Commissioner’s Office, the incident allowed 245 recipients of an email about the evacuation of eligible people to…