Sara Gregory reports: School crisis plans that detail the medical issues of dozens of Norfolk students and teachers were posted online last week for anyone to access. […] Larchmont Elementary School’s plans, for instance, list a student with autism and two students with mobility issues. St. Helena Elementary School lists 27 students who have either…
Category: Exposure
Amazon AWS error exposes info on 31,000 GoDaddy servers
Mallory Locklear reports: Data leaks are par for the course these days, and the latest company to be involved in one is GoDaddy. The company, which says it’s the world’s top domain name registrar with over 18 million customers, is the subject of a new report from cybersecurity firm UpGuard that was shared exclusively with…
Telemedicine company exposed data of more than 2 millions patients in Mexico
Another day, another exposed database due to misconfiguration of a MongoDB installation. Bob Diachenko found it and reports on it: On August 3rd, I have discovered that personal information of 2,373,764 patients from Mexico is publicly available through a misconfigured MongoDB instance. Data included such fields as: Full name and gender; CURP number (i.e. Personal…
St. Mary’s Hospital Campus in Jefferson City notifies 301,000 of limited PHI left behind in a 2014 move
And this is why I always wait to close out monthly stats in healthcare. The following incident just showed up on HHS’s public breach tool today as having been reported to them on July 30, and affecting 301,000 patients. St. Mary’s Hospital’s notice, below, indicates that the entity was not sure of the number affected. …
Salesforce API error may have caused data leak
Tom Allen reports: Cloud computing firm Salesforce has warned customers that their information may have been shared with other customers’ accounts, due to an API error. In a security advisory, the CRM company says it became aware of the issue on the 18th July. The error impacted ‘a subset’ of Marketing Cloud customers using the…
AU: 7000 patient records from Women’s and Children’s hospital exposed online in embedded data- for 13 years
Simeon Thomas-Wilson reports: Medical records of more than 7000 people were exposed online for 13 years, forcing an urgent review by SA Health into whether there were any other breaches. Names, date of birth and test results for around 7200 pathology tests at the Women’s and Children’s Hospital from 1996 to 2005 were leaked online…