Elizabeth Montalbano reports: A platform used by healthcare workers in the Philippines designed to share data about COVID-19 cases contained multiple flaws that exposed healthcare worker data and could potentially could have leaked patient data. Vulnerabilities found in both the COVID-KAYA platform’s web and Android apps allowed for unauthorized users to access private data about…
Category: Exposure
Three voters demand €10m fine for IT firm behind huge data breach
Claudia Calleja has an update on litigation following a voter data leak involving C-Planet IT Solutions Ltd. Three of the 337,384 Maltese voters whose data was leaked in a massive security breach in April, have filed a complaint with the Data Protection Authority requesting that the IT company that held the data be fined up…
Human error leads to 27.7M people in Texas impacted in Vertafore ‘data event’
Nick Greenhalgh reports: A few months after its $5.3 billion acquisition by Roper Technologies Inc. (NYSE: ROP), Denver insurance tech giant Vertafore is in the midst of what the company is calling a “data event.” The company released a statement on Nov. 10 detailing human error that caused company data files to be accessed without authorization. The…
Privacy Commission probes suspected LTO data leak
Melissa Luz Lopez reports: The National Privacy Commission is investigating a suspected data leak involving car registrations under the Land Transportation Office. In a statement, the privacy body said it is looking into the data available on lisensya.info, which has a “Motor Vehicle Authenticator” that reveals the car make, plate and engine number, registration expiry date,…
Report: Hotel Reservation Platform Leaves Millions of People Exposed in Massive Data Breach
Mark Holden of Website Planet reports on a big Oops! involving Prestige Software in Spain and a misconfigured AWS bucket: Courtesy of our security team at Website Planet, we can reveal that a hotel reservation platform has been exposing highly sensitive data from millions of hotel guests worldwide, dating as far back as 2013 and including…
Trump lawsuit site to report rejected votes leaked voter data
No one could have ever foreseen this happening because nobody ever knew how difficult web site security could be….. Ax Sharma reports: The DontTouchTheGreenButton.com website just launched by the Trump campaign in relation to the recently filed Arizona “rejected votes” lawsuit was discovered to be leaking voter data. The data included the voter name, address, and a unique…