It’s been a while since I’ve noticed a third-party breach of a wellness vendor, but here we go, it seems. SimplyWell (“Viverae”) works with Healthbreak, who provides wellness services to the firm in question. SimplyWell, Inc. (“SimplyWell”) recently discovered a data privacy incident that may affect the privacy of certain Lincoln Electric System (“LES”) employees’…
Category: Exposure
Another data breach for South Africa – 934,000 passwords and IDs exposed
IOL reports: Another major leak has surfaced for South Africans. A database containing sensitive personal data that came from a traffic fine platform has been leaked online, according to security researcher Troy Hunt and iAfrikan Digital founder Tefo Mohapi. The information contained in this leak includes names, ID numbers, e-mail addresses, and passwords stored in plain text from…
Teen phone monitoring app leaked thousands of user passwords
Zack Whittaker reports: At least one server used by an app for parents to monitor their teenagers’ phone activity has leaked tens of thousands of accounts of both parents and children. The mobile app, TeenSafe, bills itself as a “secure” monitoring app for iOS and Android, which lets parents view their child’s text messages and…
Los Angeles County 211 exposed call logs with details
Another day, another leak involving sensitive information. From the UpGuard team: The UpGuard Cyber Risk Team can now disclose that sensitive data from the Los Angeles County 211 service, a nonprofit assistance organization described on their website as “the central source for providing information and referrals for all health and human services in LA County,” was…
UT physician group improperly shared patient email addresses
Todd Ackerman reports: A clinic owned by the physicians organization of the University of Texas Health Science Center at Houston improperly sent out mass emails containing the email addresses of many of its patients. UT Physicians’ Davis Clinic sent batches of emails, notification of a doctor leaving the clinic, to patients last week. There were…
More than 200,000 patients’ records were exposed on MedEvolve’s public FTP server – researcher
Common sense dictates that patients’ protected health information should not be made freely available on FTP servers that have no login required. And yet it still happens, and has happened again. Recently, this site learned of another FTP server exposing patients’ information. This particular FTP server belongs to MedEvolve, an Arkansas company that provides practice management…