One question that occasionally pops up is how often businesses go out of business after or due to a data breach. My answer to that is “not often,” but we do it occasionally. In some cases, the breach may just have been a final straw for an already shaky business. Yesterday, during a webinar with…
Category: Exposure
Massive data leak affecting Arik Air customers; company slow to respond: Paine
Oladeinde Olawoyin reports: Millions of customers flying Nigeria’s foremost airline, Arik Air, may have had their data leaked as details emerged on Wednesday that the airline’s data were found in exposed and vulnerable Amazon S3 buckets. According to Justin Paine, Head of Trust & Safety at Cloudflare, there is a bucket containing a large number…
Bully 4 U: Victims’, perpetrators’ names exposed in Western Albemarle data breach
Schilling Show reports: The results of an annual school survey administered by Western Albemarle High School (WAHS) were inadvertently exposed to the public in a serious breach of security and student privacy protocol. In a post-breach letter to parents, WAHS principal, Darah Bonham, explained that the school’s Peer Nomination Survey “asks students to identify peers…
Follow-up: Mecklenburg Co. not fined for releasing personal information of health department patients
WSOC-TV reports: The United States Department of Health and Human Services Office of Civil Rights did not fine Mecklenburg County for inadvertently providing Channel 9 with the personal medical information of thousands of health department patients in 2017. Records show Mecklenburg County self-reported the potential HIPAA violation on May 4, 2017. In March 2017, in…
NZ: IRD privacy breach raises data handling concerns
Nine to Noon reports: Inland Revenue’s data protection protocols are being questioned after a woman received information about a stranger’s child support in a copy-and-paste error. The Wellington woman got a letter from Inland Revenue addressed to her that included the full name of a father who was paying child support, and his child. She…
TX: Statement and Frequently Asked Questions about the 2018 ERS OnLine Security Incident
From the Employees Retirement System of Texas, this breach information notice. Note that this was reported to HHS with ERS listed as a health plan, and the breach was reported as affecting 1,248,263 members, but also note that no medical or health information was reportedly involved. On August 17, 2018, the Employees Retirement System of…