Chris MacLennan reports: A data breach at NHS Highland has led to the personal information of 284 patients with diabetes being shared with more than 30 people. The error, which occurred on Tuesday November 17, led to the names, dates of births, contact information and hospital identification numbers of the patients being revealed. Read more…
Category: Exposure
Disabled children’s names revealed in Bristol City Council email
BBC reports: The identities of hundreds of families with disabled children have been shared with other parents without their consent by a council, in a “fundamental breach of trust and data”. Bristol City Council sent an email asking for views on a new support service to hundreds of people. The names of all the children…
UK: Second hospital data breach revealed in online papers
Emily Roberts reports: A second data breach has been reported by the trust which runs Basingstoke hospital, after personal data of 1,000 members of staff was shared. Details of the breach which was reported to the Information Commissioner’s Office (ICO) in July, have come to light in meeting papers published by Hampshire Hospitals NHS Foundation…
GO SMS Pro — one of the most popular Android messaging apps — just exposed millions of private photos and files
James Gelinas reports: Data leaks are bad enough, but it officially becomes a security nightmare when one affects hundreds of millions of users. Earlier this year, an unsecured server belonging to Microsoft exposed the data of more than 250 million users. This included email addresses that hackers and scammers could use for criminal activities. Tap or…
Over 80,000 ID Cards and Fingerprint Scans Exposed in Cloud Leak
Phil Muncaster reports: A US-based used electronics retailer has exposed over 2.6 million files, including ID cards and biometric images, after a misconfigured AWS S3 bucket was discovered. Researchers at Website Planet traced the instance back to California-based TronicsXchange, previously trading as GreenElectronicsExchange (GEEx). A random scan for server vulnerabilities led to the discovery of…
Hosting Provider Exposed 63M Records incl. WP & Magento
I missed this report from Jeremiah Fowler the other day: On October 5th I discovered a non-password protected database that contained a large amount of monitoring and system logs. There were records indicating data backups, monitoring, error logging, and more. Upon further research, the database appeared to belong to the Texas-based cloud application hosting provider,…