Exposure – Page 141 – DataBreaches.Net

Alive Hospice’s breach notification required a second breach notification

Posted on September 8, 2019 by Dissent

It occasionally happens that a breach or incident response creates a second incident of its own. That seems to be the case with Alive Hospice, as this newest press release suggests, but does this require second notification to HHS/OCR? My first impression is that it would, but I’m interested to hear what HIPAA lawyers might…

Oh good grief, Saturday edition

Posted on September 7, 2019 by Dissent

Seen on Twitter: BREAKING: Dutch hospital that just got fined 460.000 euro by Dutch DPA for staff snooping in medical files, is in the news today again: staff used medical files as grocery list. Left them in shopping cart supermarket. Compliance is a cultural issue!https://t.co/LhVELzgL8J #GDPR — Jeroen Terstegge (@PrivaSense) September 7, 2019 A google…

UK: Gender identity clinic leaks almost 2,000 patients’ email addresses

Posted on September 6, 2019 by Dissent

Chris Fox reports: The Charing Cross Gender Identity Clinic sent patients an email about an art competition, with hundreds of others CC-ed in. The clinic later tried to recall the message but the error had already been noticed. The Tavistock and Portman NHS Foundation Trust, which is responsible for the clinic, is investigating. Read more…

Monster.com says a third party exposed user data but didn’t tell anyone

Posted on September 6, 2019 by Dissent

Zack Whittaker reports: An exposed web server storing résumés of job seekers — including from recruitment site Monster — has been found online. The server contained résumés and CVs for job applicants spanning 2014 and 2017, many of which included private information like phone numbers and home addresses, but also email addresses and a person’s…

DK-Lok data breach exposes global enterprise client data, internal emails

Posted on September 5, 2019 by Dissent

Charlie Osborne reports: Perhaps, one day, the continual stream of data leaks and cybersecurity breaches stemming from open databases will make organizations sit up, take notice, check their IT infrastructure, and resolve any security problems they find. Today is not that day it seems for DK-Lok, the latest entry in a long list of companies…

Teletext Data Breach Exposes Over 200,000 Customer Phone Call Recordings

Posted on September 4, 2019 by Dissent

Conor Reynolds reports: Package Holiday firm Truly Travels exposed over 200,000 customer phone call recordings and data files on a publicly accessible server. Over 530,000 data files were discovered in an unsecured Amazon Web Services server. Of these files 212,000 were audio files that held recordings of Teletext customers who had contacted the firms India-based…