Tom Pullar-Strecker reports: Vodafone says customers were able to access other people’s account information through its MyVodafone app on Wednesday morning. Spokeswoman Meera Kaushik said the privacy breach followed a planned upgrade to the app at 7am, which resulted in an “unexpected caching issue”. Read more on Stuff.
Category: Exposure
Heyyo dating app leaked users’ personal data, photos, location, more
Catalin Cimpanu reports: Online dating app Heyyo has made the same mistake that thousands of companies have made before it — namely, it left a server exposed on the internet without a password. This leaky server, an Elasticsearch instance, exposed the personal details, images, location data, phone numbers, and dating preferences for nearly 72,000 users,…
UK: Unshredded NHS records were dumped in a town centre to weigh down scaffolding at art festival
We really need to have an “Oh, FFS!” category for breaches. Rob Pattinson reports: Medical records of hundreds of thousands of NHS patients were dumped in a town centre to weigh down scaffolding. They were meant to be shredded but instead used as ballast for an art festival structure. Read more on The Sun.
‘Detailed and graphic’: Clinic faxes patients’ highly sensitive medical histories to wrong number
Melissa Cunningham reports: A Melbourne medical clinic has been inadvertently faxing highly sensitive patient details including mental health and family medical histories to a Greenvale man for at least two years. The man said he has been sporadically faxed at least 10 medical referrals for specialist consultations from the Harding Street Medical Centre in Coburg….
Thousands of abandoned medical records found in deceased Indiana doctor’s abortion clinics
Christina Maxouris of CNN reports on what appears to be a horrifying medical privacy breach. First, authorities discovered a spine-chilling 2,246 fetal remains in the Illinois garage of an abortion doctor after his death. Then, investigators found “thousands” of abandoned medical records across his abortion clinics in Indiana, the Indiana attorney general announced on Friday….
Tesco parking app hauled offline after exposing 10s of millions of Automatic Number Plate Recognition images
Gareth Corfield had the exclusive on this one: Tesco has shuttered its parking validation web app after The Register uncovered tens of millions of unsecured ANPR images sitting in a Microsoft Azure blob. The images consisted of photos of cars taken as they entered and left 19 Tesco car parks spread across Britain. Visible and…