1NewsNow reports: Police say they are investigating after a member of the public made them aware of a potential privacy breach involving the firearms buyback programme. In a statement, police said they were made aware by the person today, and that the online notification platform for the buy-back programme has been closed down while they…
Category: Exposure
Millions of SMS messages exposed in database security lapse
Zack Whittaker reports: A massive database storing tens of millions of SMS text messages, most of which were sent by businesses to potential customers, has been found online. The database is run by TrueDialog, a business SMS provider for businesses and higher education providers, which lets companies, colleges, and universities send bulk text messages to…
OCR Secures $2.175 Million HIPAA Settlement after Sentara Hospitals Failed to Properly Notify HHS of a Breach of Unsecured Protected Health Information
OCR has announced another settlement. This one involves Sentara Hospitals, and it’s a somewhat surprising one in the sense that Sentara not only seems to have gotten the fundamentals of HIPAA and notification compliance wrong, but then they seem to have insisted in their wrongheaded ways even after HHS told them what their obligations were. …
Security lapse exposes personal data of 6,500 Singapore accountants
Eileen Yu reports: A folder containing personal data of 6,541 accountants in Singapore was “inadvertently” sent to multiple parties, in a security lapse that was uncovered only months after when a review was conducted. The incident exposed personal details such as names, national identification number, date of birth, and employment information. The incident occurred under…
French Hotel Giant Leaks 1TB+ of Client Data
Phil Muncaster reports: A leading European hotel booking platform has leaked over 1TB of data on customers, clients and partners thanks to an unsecured Elasticsearch database, exposing them to account takeover, identity theft and financial fraud. The database reportedly belongs to French B2B hotel booking firm Gekko Group, a subsidiary of Europe’s largest hotel group,…
Personal And Social Information Of 1.2 Billion People Discovered In Massive Data Leak, But Who’s Responsible??
Over on DataViper.io, Vinny Troia reports that he and Bob Diachenko found a massive data leak that appears to implicate two data enrichment firms: People Data Labs (PDL), and OxyData.io. But “implicate” is not the same thing as being able to actually attribute ownership of the elasticsearch server that was open at 35.199.58.125, and both…