Update: One day later, the story of the OpticsML breach got much worse when Bob Diachenko found a second exposure involving the vendor. Read about it here. Original post: Zack Whittaker reports on a leak discovered by Bob Diachenko of Security Discovery: A trove of more than 24 million financial and banking documents, representing tens…
Category: Exposure
Why doesn’t Twitter have a way to notify them of leaks or concerns outside of a bug bounty program?
L33tdawg writes: Twitter has owned up to a privacy goof that exposed some Android users’ private tweets. That would be bad enough if the problem existed for an hour, or a day, or a month. But unfortunately for Twitter (and affected users) the problem was present from November 3 2014 until January 14 2019. That’s…
Privacy breach hits 45,000 recipients of Ontario’s disability support program
Kristin Rushowy reports: Ontario’s social services minister has apologized after the Mississauga disability support program office mistakenly emailed the private information of 45,000 people to 100 recipients. “On December 20th, due to a clerical error, the Mississauga ODSP office unintentionally shared some individuals’ information over email,” said Lisa MacLeod in a statement. [..] The December…
BlackRock exposes info on thousands of advisers via website
Bloomberg reports: BlackRock Inc., the world’s largest asset manager, inadvertently posted confidential information about thousands of financial adviser clients on its website. The data appeared in three spreadsheets, linked on one of the New York-based company’s web pages dedicated to its iShares exchange-traded funds. The documents included names and email addresses of financial advisers who buy…
Knoxville employees’ information exposed online for almost one year
WVLT reports: Employees with the City of Knoxville received a notification on Thursday that their private information, including their Social Security numbers, may have been revealed after data was ‘inadvertently’ posted on a procurement website. According to a city spokesperson, last year, personal information of employees who were employed as of Feb. 1, 2018, was…
PHI of 1,002 Lebanon VA Medical Center Patients Exposed in Email Error
HIPAA Journal reports: Lebanon VA Medical Center in Pennsylvania has discovered the protected health information of hundreds of elderly patients has been impermissibly disclosed to a family member of a veteran. In November 2018, a member of staff at Lebanon VA Medical Center emailed a document to a family member of a veteran who was…