Matt Cox reports: In a security breach last night (now resolved), Bethesda’s support site revealed the personal information of customers who’d submitted support tickets. The details – which included people’s names, addresses and phone numbers – mostly belonged to Fallout 76 Power Armor Edition buyers, who were after a replacement canvas bag for the nylon…
Category: Exposure
Florida contractor physicians’ group settles HHS claims after they failed to have a BA agreement in place with a vendor who had a breach
There is a follow-up to a 2014 breach reported on this site at the time. But it turns out there was an interesting twist to this case that HHS followed up. Here is their press release: Advanced Care Hospitalists PL (ACH) has agreed to pay $500,000 to the Office for Civil Rights (OCR) of the…
Jared, Kay Jewelers Parent Fixes Data Leak
Brian Krebs reports: In mid-November 2018, KrebsOnSecurity heard from a Jared customer who found something curious after receiving a receipt via email for a pair of earrings he’d just purchased as a surprise gift for his girlfriend. Dallas-based Web designer Brandon Sheehy discovered that slightly modifying the link in the confirmation email he received and…
AU: Commonwealth Bank customers’ medical data exposed in potential privacy breach
Dan Oakes reports: The Commonwealth Bank is urgently investigating a potential data breach that may have given its staff access to customers’ sensitive medical information. The issue was discovered around late July as the bank made preparations for the $3.8 billion sale of its insurance arm, CommInsure, to the AIA group. Medical information supplied by…
Misconfigured Locksmith Services web servers exposed sensitive information
Darryl Burke reports: On Wed Nov 23rd, we discovered a misconfiguration on the web servers of the company “Locksmith Services” which is a US based national dispatch service for Locksmiths. The misconfiguration on the website dispatchlogin.net exposed the; audio recording of calls, emails, customer contact information, photos of drivers licenses and passports, photos of credit…
Allegiant Air customers say airline sent personal information to hundreds
Todd Ulrich reports: Some Allegiant Air customers claim the airline violated their privacy and shared their sensitive information. Customers who have used service and emotional support animals found out their personal email addresses were sent to hundreds of passengers. Action 9 consumer investigator Todd Ulrich reports a class action lawsuit is demanding the airline protect…