Note: this is the John F. Kennedy High School in La Palma, California. October 3, 2018 Notice of Data Breach As a precautionary measure, we are writing to inform you about a recent data security incident that occurred on October 2, 2018. What Happened? On October 2, 2018 at 5:04 p.m., an email was sent…
Category: Exposure
Oklahoma DHS could have sent private medical info to wrong addresses
Dale Denwalt reports: Officials at the Department of Human Services said Monday that a small number of clients were affected this year by a computer error that labeled envelopes with incorrect addresses. A labeling error affected notices that informed patients and their guardians about changes to their plan of care. Letters were meant for people…
App flaw let anyone access UK Conservative politicians’ data
Jon Fingas reports: The UK Conservative party is learning a hard lesson about the importance of basic security measures in mobile apps. Users have discovered that you could log into the party’s conference app using only an attendee’s email address, providing access to all kinds of sensitive data. And when many of the conference participants are…
Telegram fixes IP address leak in desktop client
Catalin Cimpanu reports: Telegram users who specifically utilize the application for its anonymity features are advised to update their desktop clients as soon as possible to patch a bug that will leak their IP address in some scenarios. The bug was found by Dhiraj Mishra, a bug hunter from Mumbai, India, and was patched by…
United Nations Accidentally Exposed Passwords and Sensitive Information to the Whole Internet
Micah Lee reports: The United Nations accidentally published passwords, internal documents, and technical details about websites when it misconfigured popular project management service Trello, issue tracking app Jira, and office suite Google Docs. The mistakes made sensitive material available online to anyone with the proper link, rather than only to specific users who should have…
Securus Technologies-owned GovPayNow.com Leaks 14M+ Records
Brian Krebs reports: Government Payment Service Inc. — a company used by thousands of U.S. state and local governments to accept online payments for everything from traffic citations and licensing fees to bail payments and court-ordered fines — has leaked more than 14 million customer records dating back at least six years, including names, addresses, phone…