Beth Kassab and Leslie Postal report: The troubled Florida Virtual School should get a new governor-appointed board, new ethics standards for employees and a new inspector general inside the school to oversee internal audits and investigations, according to a report released Friday by the Florida Department of Education. And some of the criticism relates to…
Category: Exposure
UK: NHS pagers are leaking medical data
Zack Whittaker reports: An amateur radio rig exposed to the internet and discovered by a security researcher was collecting real-time of medical data and health information broadcast by hospitals and ambulances across U.K. towns and cities. The rig, operated out of a house in North London, was picking up radio waves from over the air and…
UCR vulnerability may have exposed private information
Seen on Landline: A problem with the Unified Carrier Registration plan’s website may have exposed Social Security or Tax ID numbers for thousands of users. UCR indicated that the vulnerability existed between March 1st and March 28th, 2019. The information exposed includes 23,000 Social Security numbers. After a bit of searching, I found the actual notice from…
UniCredit reveals data breach exposing 3 million customer records
Charlie Osborne reports: UniCredit has revealed a data breach resulting in the leak of information belonging to three million customers. On Monday, the Italian bank and financial services organization said that a compromised file, generated in 2015, is the source of the security incident. In total, roughly three million records were exposed, revealing the names, telephone…
Open wide and say, “Ugh, My Data!!!!!”
This is the story of how mapping and analysis of an open elastic search led to the discovery of a misconfigured Amazon s3 bucket that exposed data from hundreds of thousands of dental patients. If you live in Brazil, you may already be experiencing breach fatigue from having had so much of your personal and…
CenturyLinks’ suffers data leak due to vendor error
Tim Sandle reports: CenturyLink has reported that a customer information database of 2.8 million records was found exposed. The database was affiliated with a third-party notification platform and has been exposed for 10 months. With the CenturyLink issue, the personal information of hundreds of thousands on CenturyLink customers, including name, addresses, email addresses, and phone…