Brian Krebs reports: A sprawling online company based in Georgia that has made tens of millions of dollars purporting to sell access to jobs at the United States Postal Service (USPS) has exposed its internal IT operations and database of nearly 900,000 customers. The leaked records indicate the network’s chief technology officer in Pakistan has been hacked…
Category: Exposure
U. of Iowa Health Care denies sharing patient data with Facebook, but are they right?
DataBreaches never accused U. of Iowa Health Care of sharing patient data with Facebook, but it seems that someone did. Clark Kaufmann reports: The University of Iowa Hospitals & Clinics is denying that it shares any confidential patient information with Facebook. Last week, lawyers for an Iowa woman, Eileen Yeisley, filed suit against UIHC in…
Court records online include private information for thousands of Missouri residents
Josh Renaud reports: Documents containing Social Security numbers and other private information for thousands of Missourians are accessible to anyone using the Casenet website, the state’s judicial records system, the Post-Dispatch recently discovered. Missouri Supreme Court officials have acknowledged the issue after being alerted by the Post-Dispatch, and they fixed one vulnerability on Casenet. But…
Many Public Salesforce Sites are Leaking Private Data
Brian Krebs reports: A shocking number of organizations — including banks and healthcare providers — are leaking private and sensitive information from their public Salesforce Community websites, KrebsOnSecurity has learned. The data exposures all stem from a misconfiguration in Salesforce Community that allows an unauthenticated user to access records that should only be available after logging…
D.C. Health Exchange Needs Broker Identity Theft Posse
Allison Bell reports: The builders of the Affordable Care Act health insurance exchange system once wondered whether agents and brokers would have a role in the health insurance market. Now, the managers of the ACA public exchange for the District of Columbia are turning to brokers to help persuade more users to protect themselves against the effects of…
Throne fixes security bug that exposed creators’ private home addresses
Zack Whittaker reports: A recently fixed security bug at a popular platform for supporting creators shows how even privacy-focused platforms can put creators’ private information at risk. Throne, founded in 2021, bills itself as “a fully secure, concierge wishlist service that acts as an intermediary between your fans and you.” Throne claims to support more than…