Dale Denwalt reports: Officials at the Department of Human Services said Monday that a small number of clients were affected this year by a computer error that labeled envelopes with incorrect addresses. A labeling error affected notices that informed patients and their guardians about changes to their plan of care. Letters were meant for people…
Category: Exposure
App flaw let anyone access UK Conservative politicians’ data
Jon Fingas reports: The UK Conservative party is learning a hard lesson about the importance of basic security measures in mobile apps. Users have discovered that you could log into the party’s conference app using only an attendee’s email address, providing access to all kinds of sensitive data. And when many of the conference participants are…
Telegram fixes IP address leak in desktop client
Catalin Cimpanu reports: Telegram users who specifically utilize the application for its anonymity features are advised to update their desktop clients as soon as possible to patch a bug that will leak their IP address in some scenarios. The bug was found by Dhiraj Mishra, a bug hunter from Mumbai, India, and was patched by…
United Nations Accidentally Exposed Passwords and Sensitive Information to the Whole Internet
Micah Lee reports: The United Nations accidentally published passwords, internal documents, and technical details about websites when it misconfigured popular project management service Trello, issue tracking app Jira, and office suite Google Docs. The mistakes made sensitive material available online to anyone with the proper link, rather than only to specific users who should have…
Securus Technologies-owned GovPayNow.com Leaks 14M+ Records
Brian Krebs reports: Government Payment Service Inc. — a company used by thousands of U.S. state and local governments to accept online payments for everything from traffic citations and licensing fees to bail payments and court-ordered fines — has leaked more than 14 million customer records dating back at least six years, including names, addresses, phone…
Another security breach at Grindr reveals users’ exact location
Tom Capon reports: Grindr’s security issues are once again in the spotlight as a third party app pinpointed users’ exact location. Despite constant reassurances from the app about the difficulties of exploiting their location technology, the latest security breach revealed how malicious parties can locate users. Discovered by blog Queer Europe, they used a third-party…