Aaron Hinks reports an update to an incident that does not appear to have been covered on this blog. So why am I including the update? Well, partly because it sounds like something did happen that left personal information unshredded, but also because it sounds like the earlier reporting may have impugned a firm’s reputation and…
Category: Exposure
ZOLL notifying 277,319 patients of vendor data exposure incident
ZOLL Medical Corporation, an Asahi Kasei Group Company, develops and markets medical devices and software solutions. A press release on March 18 described an incident that impacted what they describe as “some patients’ personal and medical information.” On January 24, 2019, ZOLL discovered that some email archived by an unnamed third-party service provider had been exposed…
NJ Based Home Health Radiology Services Leaked Nearly 40k Case Files
Jeremiah Fowler reports: On March 1st I discovered a non-password protected database that contained what appeared to be medical case files. I immediately notified the organization that we suspected was responsible based on information found inside the database. It was a Friday evening and the phone went straight to voice mail, leaving the database wide…
Thousands of health records and doctor’s notes were exposed daily
Zack Whittaker reports: A health tech company was leaking thousands of doctor’s notes, medical records, and prescriptions daily after a security lapse left a server without a password. The little-known software company, California-based Meditab, bills itself as one of the leading electronic medical records software makers for hospitals, doctor’s offices, and pharmacies. The company, among other…
Education and Science Giant Elsevier Left Users’ Passwords Exposed Online
Joseph Cox reports: Elsevier, the company behind scientific journals such as The Lancet, left a server open to the public internet, exposing user email addresses and passwords. The impacted users include people from universities and educational institutions from across the world. It’s not entirely clear how long the server was exposed or how many accounts…
Here’s What It’s Like to Accidentally Expose the Data of 230M People
Andy Greenberg reports: Steve Hardigree hadn’t even gotten to the office yet, and his day was already a waking nightmare. As he Googled his company’s name that morning last June, Hardigree found a growing list of headlines pointing to the 10-person marketing firm he’d founded three years earlier, Exactis, as the source of a leak…