Nat Levy reports: A lawsuit against internet provider CenturyLink and AT&T-owned DirecTV alleges the companies fail to adequately protect personal customer data — to the point that it can be found through a simple internet search. The suit was filed Monday in U.S. District Court in Seattle and seeks class action status. The plaintiff, James Jantos,…
Category: Exposure
360,000 current and former Pennsylvania teachers notified of breach
So that breach in February affecting Pennsylvania teachers affected approximately 360,000 current and former teachers. A 30-minute exposure leads to so much cost and anxiety. Ouch.
ID: School district reports inadvertent disclosure
This item by Dr. Michael Garrett that appeared in the Clearwater Tribune appears to concern Joint School District #171 in Idaho. At approximately 7:35 a.m. on March 19, a supervisor brought to my attention that an employee had discovered personal employee information on the district website. The information was verified in a payroll report which inadvertently…
He tried to tell you you’re leaking data. Even after you stupidly blocked him.
Today’s episode of Incident Response Fail involves a cybersecurity professional/bug bounty hunter, Mohamed Suwaiz, and a driver training company in Texas, Smith System, that seemed to stubbornly resist his efforts to alert them to a data leak. Although Suwaiz (@Msuwaiz on Twitter) describes himself as being motivated by bug bounties, when there’s no bounty to…
Florida Virtual School database now uploaded to HaveIBeenPwned
From Troy Hunt, an aid to parents who want to check if their email address or their child’s email address was in a leaked database: New breach: The Florida Virtual School had 368k student records with 543k email addresses exposed including names, grades and dates of birth. It’s flagged as “sensitive” due to the prevalence…
The Dutch Data Protection Authority accidentally leaked its employees’ data
MIX reports: Oh, sweet irony: the Dutch Data Protection Authority – where registered companies are required to report breaches in data – has accidentally leaked the names of some of its employees in over 800 public documents, local outlet NU.nl reports. The discovery comes from Dutch cybersecurity firm NFIR. Pauline Gras from the Dutch Data…