Aria Thaker reports: In another exposure of Aadhaar’s cybersecurity weaknesses, over 70 subdomains under a Government of India website are providing access to demographic-authentication services without requiring identity verification from the requester. The websites allow users to access an application programming interface, or API, in which anyone can enter a person’s Aadhaar number, name, gender…
Category: Exposure
Medical records mishap sends confidential information to Westerville woman
Terri Sullivan reports: Elizabeth Spilker might know more about you than you think. For about a year now, a local hospital has been faxing other people’s personal medical records to her home. “We have been getting regular faxes over the last year or so from Grant Medical Center, with people’s personal information attached,” said Spilker….
Lawsuit claims Kansas official exposed private voter data
Roxana Hegeman reports: A civil rights group filed a federal lawsuit Tuesday against Kansas Secretary of State Kris Kobach challenging a multi-state voter registration database it claims exposed sensitive information including partial Social Security numbers from nearly a thousand state voters. The complaint by the American Civil Liberties Union of Kansas alleges “reckless maintenance” of…
Asylum seeker spreadsheet data blurt: UK Home Office loses appeal to limit claimants
Rebecca Hill reports: The British Home Office’s bid to reduce the number of potential claimants from a 2013 data breach that exposed the personal details of thousands of asylum seekers has been knocked back by the Court of Appeal. Rather than simply publishing overall statistics on the family returns process – the system by which…
Andhra Pradesh Tracked You As You Bought Viagra, Then Put Your Name and Phone Number on the Internet for the World to See
Gopal Sathe reports: Bengaluru — If you are the gentleman who bought Suhagra 50, a generic version of Viagra, and some Vomiford anti-nausea drops, on June 13 from a government-run Anna Sanjivini store in Anantpur in Rayalseema, your name, phone number and purchases, were listed on an Andhra Pradesh government website — until HuffPost alerted…
More details emerge about Chicago Public Schools data breach
If there is a Keystone Cops equivalent of a k-12 data breach, a recent incident involving Chicago Public Schools may be a strong contender. Last week, this site noted a breach that seemed puzzling in its description. Since that time, some informed parents have reached out to me to provide me with more details about…