A recent listing on a popular forum claimed to be offering the entire Mexican voter database for 2021 — 91 million records. The data was formatted with the following fields: “CVE”,,”NOMBRE”,”PATERNO”,”MATERNO”,”FECNAC”,”SEXO”, “CALLE”,”INT”,”EXT”,”COLONIA”,”CP”,”E”,”D”,”M”,”S”,”L”, “MZA”,”CONSEC”,”CRED”,”FOLIO”,”NAC”,”CURP” In response to the listing, Alon Gal (@UndertheBreach) commented on Twitter that this was the second breach involving Mexico’s Instituto Nacional Electoral (INE)….
Category: Commentaries and Analyses
Jm: Staff, patients concerned about data breach at university hospital
Jovan Johnson reports: Loose network and cybersecurity with the problem-plagued Hospital Information Management System (HIMS) that’s gobbling up millions in cost overruns has exposed to hackers thousands of patient data at the University Hospital of the West Indies (UHWI), a Sunday Gleaner investigation has found. Although Advanced Integrated Systems (AIS), which is implementing the project that’s four…
State audits of school district IT reveal why k-12 districts are sitting ducks for threat actors
On July 15, New York State Comptroller Thomas P. DiNapoli released the following school district audits. Clicking on the links will take you to the fuller reports, but even then, some things were so bad, it seems, that findings were told to the districts, but not put in writing in public reports that threat actors…
The new minimization technique for breach disclosures?
Remember when “We take your privacy and security very seriously” became de rigueur in breach disclosures? Now there’s other language being frequently added to breach disclosures — language that makes it sound like what the entity is about to tell you is really no huge deal, but if you feel you really need to protect…
Dark Web Price Index 2021
Information in this report reflects data collected on May 9, 2021 and reported by Privacy Affairs. They report their methodology was to: “scan dark web marketplaces, forums, and websites, to create an index of the average prices for a range of specific products.” Their findings are also compared to what they found in 2020. You…
An insurtech startup exposed thousands of sensitive insurance applications
Zack Whittaker reports: A security lapse at insurance technology startup BackNine exposed hundreds of thousands of insurance applications after one of its cloud servers was left unprotected on the internet. BackNine might be a company you’re not familiar with, but it might have processed your personal information if you applied for insurance in the past…