Tara Seals reports: Home Depot has exposed the private order confirmations of hundreds of Canadian consumers, containing names, physical addresses, email addresses, order details and partial credit-card information. After customers began reporting that they had received hundreds of emails from the home-improvement giant, each containing an order confirmation for a stranger, the company confirmed the…
Category: Exposure
Dozens of patient records dumped in St. Louis industrial area
Erin Richey reports that someone found boxes of patient records belonging to DaVita Florissant Dialysis on West Florissant Avenue. “Found names, Social Security numbers, addresses, lab reports, entire medical history of people and personal information,” he said. “ Read more on KSDK. According to the report, because Missouri does not regulate dialysis clinics, the state department…
True, the social networking app that promises to ‘protect your privacy,’ exposed private messages and user locations
Zack Whittaker reports: True bills itself as the social networking app that will “protect your privacy.” But a security lapse left one of its servers exposed — and spilling private user data to the internet for anyone to find. Read more on TechCrunch.
More than 100 irrigation systems left exposed online without a password
Catalin Cimpanu reports: More than 100 smart irrigation systems were left exposed online without a password last month, allowing anyone to access and tamper with water irrigation programs for crops, tree plantations, cities, and building complexes. The exposed irrigation systems were discovered by Security Joes, a small boutique security firm based in Israel. Read more on…
Mount Diablo Unified District responds to SchoolMessenger leak
On September 21, the Mount Diablo Unified District notified parents of a breach involving the SchoolMessenger app by Intrado. Their letter explains that on September 14, 2020, the district was informed that “when certain parents were using the SchoolMessenger mobile application, they were able to view a list of roughly thirty (30) unique names, emails,…
Names, Private Information Of Child Sex Crime Victims Were Illegally Made Public In Cook County Court Records
Samah Assad, Christopher Hacker, and Brad Edwards report: Cook County officials left the personal information of child sex crime victims in public court records, violating a state law that requires those details be kept hidden. The person charged with protecting those victims’ privacy in the records, Circuit Court Clerk Dorothy Brown, refused to restrict access to them for more than a month after being told about…