WKRN reports: TennCare, Gainwell Technologies LLC, and Axis Direct, Inc. announced a privacy breach impacting certain TennCare members in a joint statement on Monday. According to the statement, around 3,300 Medicaid members in the state of Tennessee have been notified of a privacy issue that may have impacted their health information. Gainwell, which runs the…
Category: Exposure
Unsecured Azure blob exposed 500,000+ highly confidential docs from UK firm’s CRM customers
Gareth Corfield reports: A business app developer’s unsecured Microsoft Azure blob left more than half a million confidential and sensitive documents belonging to its customers freely exposed to the public internet, The Register can reveal. Information contained in the blob included occupational health assessments, insurance claim documents from US firms underwritten by Lloyds of London, and…
IN: Telangana Government Site Flaw Exposed Sensitive Data of All Its Employees, Pensioners; Fixed Only After Three Months
Jagmeet Singh reports: Telangana state government took over three months to protect sensitive details of its employees and pensioners from its website. The Indian Computer Emergency Response Team (CERT-In) confirmed the vulnerability and replied on email in September to say that the authorities had been intimated about the issue, and Telangana IT Secretary Jayesh Ranjan…
UK: Assurances sought Moray ambulance staff hit by data breach are receiving support
Alistair reports: Moray MP Douglas Ross is seeking an update from the Scottish Ambulance Service (SAS) after again being contacted by the whistleblower who first revealed the data information breach. The SAS launched a probe when the matter was first highlighted by the Press and Journal in October, revealing that highly personal information about employees had been…
Security breach on Emirati website leads to leaked info of Israelis
Tobias Siegal reports: An Emirati website has leaked the personal information of thousands of Israelis who used it for planning their trip to Dubai, the N12 news site reported Thursday. The Dubai-based website Sharaf Travels was used by many Israelis who took the exciting opportunity to vacation in Dubai, as new Middle East destinations traditionally closed to…
Company that Provides Travel Emergency Services Settles FTC Allegations it Failed to Secure Sensitive Consumer Data
It feels like it’s been a while since we’ve seen an FTC data security case (well, apart from Zoom’s issues). Today, FTC issued a press release about a settlement stemming from SkyMed International’s misconfigured elastic search instance that exposed more than 130,000 people’s information. The exposed data were discovered by Jeremiah Fowler and reported in…