From McClatchy Newspapers: A hacker has infiltrated a computer server housing the personal data of 236,000 women enrolled in a UNC-Chapel Hill research study. Among the information exposed: the Social Security numbers of 163,000 study participants. Though the intrusion was detected in late July, computer forensics experts say it may have happened two years ago,…
Category: Breach Types
State Requiring Prompt Med To Appear At Hearing About Dumped Records
As a follow-up to a breach previously reported, Kerri Hartsfield reports: The State Department of Justice is requiring an attorney for Prompt Med to appear at a hearing after hundreds of medical records were found in a dumpster and sitting alongside a street. Last month, a 2 Wants to Know investigation revealed that more than…
VT: City posts taxpayer info online
Stephanie M. Peters reports: A file containing bank account information for 314 city residents [Rutland, Vermont] who participate in the city’s direct debit tax payment program was inadvertently uploaded to the city’s Web site for a seven-day period earlier this month. Those affected were notified by the Treasurer’s Office late last week. […] Statistics for…
EKU posted about 5,000 Social Security numbers online for a year
The names and Social Security numbers of about 5,000 Eastern Kentucky University faculty, staff and student workers were posted inadvertently on the Internet last September, where they have been displayed for a year, according to EKU President Doug Whitlock. There’s no evidence the information was accessed or replicated, Whitlock said in a campus-wide e-mail sent…
Public disclosure disclosed a bit too much
Over on Sound Politics, Mark Griswold writes: While perusing the PDC’s website this morning I came across a major security breach. For obvious reasons I’m not going to post the information I have and like a good citizen I’ve reported it to the PDC. In short though, I am now in possession of the names,…
Rocky Mountain Bank reveals “oops” in court papers
As noted on PogoWasRight.org yesterday, Thomas Claburn of Information Week reports that when Rocky Mountain Bank tried to get a court to seal its lawsuit against Google to compel disclosure of information on the recipient of an errant Gmail containing sensitive customer information, the court declined. It looks like the Streisand Effect has struck again,…