Brian Krebs writes: Countless smartphones seized in arrests and searches by police forces across the United States are being auctioned online without first having the data on them erased, a practice that can lead to crime victims being re-victimized, a new study found. In response, the largest online marketplace for items seized in U.S. law…
Category: Exposure
HHS Office for Civil Rights Settles HIPAA Investigation with Arkansas Business Associate MedEvolve Following Unlawful Disclosure of Protected Health Information on an Unsecured Server for $350,000
As background: this case began with someone finding an unsecured FTP server owned by MedEvolve. He reported it to DataBreaches. This site first reported on the leak in 2018. This site also reported when MedEvolve issued a statement months later, and again two years later when HHS got them to notify patients. Today, the U.S….
Vehicle data of over 2 million Toyota users been publicly available in Japan since a decade
Update: As more details emerge, this story gets even bigger in some respects. See this news coverage at: https://www.gizchina.com/2023/05/13/toyota-mishandled-user-data-by-publishing-over-2-million-user-info-online/ Daniel Leussink and Kantaro Komiya report: Toyota Motor Corp said on Friday the vehicle data of about 2.15 million users was left publicly available in Japan for about a decade from November 2013 to mid-April. […]…
Employee records exposed in Ambulance Victoria data breach
Anthony Anderson reports: Confidential employee information has been exposed in a data breach at Ambulance Victoria (AV). The data in question is the drug and alcohol tests of prospective graduate paramedics collected between May 2017 and October 2018. The documents had become accessible on Ambulance Victoria’s internal intranet. Read more at Herald Sun.
More breach news from the U.S. healthcare sector
A small roundup of incidents from the past 24 hours, including some dark web disclosures Uintah Basin Healthcare notifies patients of data breach discovered in November Uintah Basin Healthcare (“UBH”) in Utah became aware of unusual activity in their network on November 7, 2022. They are first notifying patients who received care at UBH between…
Japan’s ubiquitous convenience stores now serving up privacy breaches
Simon Sharwood reports: Japan’s minister for digital transformation and digital reform, Taro Kono, has apologized after a government app breached citizens’ privacy. The app is called the “Certificate Issuing Server” and, as explained by the municipal government of Kodaira City, allows residents to print documents such as certificates that prove they’ve paid taxes. Fujitsu Japan developed and…