Lawrence Abrams reports: A misconfigured server exposed the taxpayer identification numbers, or Cadastro de Pessoas Físicas (CPFs), for 120 million Brazilian nationals for an unknown period of time. Before a Brazilian national can perform many tasks such as opening a bank account, creating a business, paying taxes, or getting a loan, they must first apply for a Cadastro de Pessoas…
Category: Exposure
‘It cannot expect a private business to continue to clean up its errors’: Privacy czar blasts health authority for faxing patient records to computer store — again
Ragas Clan reports: Darryl Arnold would have unplugged his fax machine months ago if he didn’t need it for work. That’s because the Saskatchewan Health Authority keeps faxing him confidential patient information, most recently a five-page catheterization report that included a patient’s personal information, medical history and treatment recommendations. According to the provincial privacy czar,…
Data Breach at Florida Dispensary Highlights Vulnerabilities
Lukas Barfield reports: Last week, a Florida medical cannabis dispensary took their website offline after it was found that patient information was obtainable through the site’s basic search function. Sarasota-based AltMed is a licensed Medical Marijuana Treatment Center (MMTC) that also goes by the name MÜV. AltMed responded quickly by taking their website offline after…
Ditch Google+ now.
David Thacker of G Suite writes that Google is abandoning Google+ even sooner than it had originally planned. A recent bug affecting more than 50 million users seemed to be the death knell for the product. In October, we announced that we’d be sunsetting the consumer version of Google+ and its APIs because of the significant challenges…
Report: 30 Percent of Healthcare Databases Exposed Online
Heather Landi reports: Hackers are using the Dark Web to buy and sell personally identifiable information (PII) stolen from healthcare organizations, and exposed databases are a vulnerable attack surface for healthcare organizations, according to a new cybersecurity research report. A research report from IntSights, “Chronic [Cyber] Pain: Exposed & Misconfigured Databases in the Healthcare Industry,”…
NJ Fines Health Insurance Provider $100K For Personal Information Breach
Kimberly Bosco reports: New York-based health insurance provider EmblemHealth, Inc. is paying the state of New Jersey a hefty fine for disclosing confidential personal information of over 6,000 New Jersey customers. Attorney General Gurbir S. Grewal and the Division of Consumer Affairs announced on Dec. 10 that EmblemHealth will pay NJ a $100,000 civil penalty….