CO: SECOP II platform affected by “presumed hacking” The SECOP II platform is a transactional platform with accounts for state entities and contractors used for submitting, evaluating, and awarding contracts. On May 3, La Agencia Nacional de Contratación Pública – Colombia Compra Eficiente reported a cyberattack on its SECOP II platform. The attack was announced…
Category: Exposure
Indiana University exposes sensitive student data
Jurgita Lapienytė reports: Each year, hundreds of institutions across the US and Canada ask their first-year, transfer, and older students to participate in a survey about their prior academic and co-curricular experiences. They also ask them to share their expectations from the coming year. The survey isn’t anonymous – students are asked to enter their…
Notice relating to Ambulance Victoria privacy breach
May 17, 2023 On Thursday 11 May 2023 Ambulance Victoria (AV) was made aware that documents containing personal information of some current and prospective employees was accessible to other AV employees on the AV intranet. The documents contained the alcohol and other drug testing results of approximately 600 job applicants undertaken between May 2017 and…
Re-Victimization from Police-Auctioned Cell Phones
Brian Krebs writes: Countless smartphones seized in arrests and searches by police forces across the United States are being auctioned online without first having the data on them erased, a practice that can lead to crime victims being re-victimized, a new study found. In response, the largest online marketplace for items seized in U.S. law…
HHS Office for Civil Rights Settles HIPAA Investigation with Arkansas Business Associate MedEvolve Following Unlawful Disclosure of Protected Health Information on an Unsecured Server for $350,000
As background: this case began with someone finding an unsecured FTP server owned by MedEvolve. He reported it to DataBreaches. This site first reported on the leak in 2018. This site also reported when MedEvolve issued a statement months later, and again two years later when HHS got them to notify patients. Today, the U.S….
Vehicle data of over 2 million Toyota users been publicly available in Japan since a decade
Update: As more details emerge, this story gets even bigger in some respects. See this news coverage at: https://www.gizchina.com/2023/05/13/toyota-mishandled-user-data-by-publishing-over-2-million-user-info-online/ Daniel Leussink and Kantaro Komiya report: Toyota Motor Corp said on Friday the vehicle data of about 2.15 million users was left publicly available in Japan for about a decade from November 2013 to mid-April. […]…