Catharine Tunney reports: More than 69,000 public servants caught up in the Phoenix pay system debacle are now victims of a privacy breach after their personal information was accidentally emailed to the wrong people, says Public Services and Procurement Canada. The problem-plagued electronic payroll system has improperly paid tens of thousands of public servants since its launch…
Category: Exposure
Plastic Surgery Patient Photos, Info Exposed by Leaky Database
I’ve reported on a number of hacks and leaks involving plastic surgery centers where nude photos of identifiable patients wind up exposed or in bad actors’ hands. Sergiu Gatlan reports on yet another leak. This one exposed hundreds of thousands of documents in a misconfigured Amazon AWS S3 bucket owned by NextMotion, a French plastic…
Patients records from Craigavon Area Hospital found on public road
Carmel Robinson reports that patient records containing patients’ names, their age, social history as well as a brief medical history and why they had been admitted to hospital were found on a public road by a man walking with his child: The patient records relate to a date in January and refer to 18 named…
Why, oh why, don’t some entities respond to notifications about leaking patient data, Wednesday edition
Since the summer of 2019, this site has occasionally reported on findings by WizCase researchers, such as our report in October on multiple entities that they had discovered leaking medical or health data. Today, WizCase reported on three more leaks that they discovered leaking patient data. They shared their findings exclusively with DataBreaches.net. The first…
UK: RideLondon organisers apologise after data breach
BBC reports: Organisers of the RideLondon cycling event are “urgently looking into” a data breach involving potential participants’ personal details. It is unclear how many applicants have been affected by the issue which saw entrants receive other people’s ballot results. The events, due to be held in August, is open to 80,000 applications and last…
Estee Lauder Exposed 440 Million Records Online – Researchers
Jeremiah Fowler reports (typos are in the original): On January 30th I discovered a non-password protected database that contained a massive amount of records totaling 440,336,852. Upon further review I was able to see connections to New York based cosmetic company Estée Lauder. I could see audit logs that contained a large number of email addresses…