India Ashok reports: A massive trove of sensitive data was left freely exposed online by San Francisco-based July Systems. The company’s cloud-based location intelligence and engagement platform called “Proximity MX”, which contains proprietary information belonging to the firm and its clients, were exposed via unsecured Amazon S3 databases. […] According to security researchers at Kromtech,…
Category: Exposure
A popular virtual keyboard app leaks 31 million users’ personal data
Zack Whittaker reports: Personal data belonging to over 31 million customers of a popular virtual keyboard app has leaked online, after the app’s developer failed to secure the database’s server. The server is owned by Eitan Fitusi, co-founder of AI.type, a customizable and personalizable on-screen keyboard, which boasts more than 40 million users across the…
Inside the Stanford Breach: Sexual Assault, Disciplinary and Financial Data Exposed
A series of cybersecurity vulnerabilities at Stanford University exposed thousands of sensitive files containing details of sexual assault investigations, disciplinary actions and more. The details of what happened—and why it should be an object lesson for higher education. A special three-part blog series. Craig A. Newman of Patterson Belknap writes: Part 1 In three separate…
Poor incident response? Bad PR, Monday edition
If you can’t prevent a breach, can’t you at least fake genuine concern? You know, the “At <blahblahblah>, we take your privacy and security very seriously” bit? Mark Flamme reports on a Key Bank breach where the bank’s response to notification of a problem is at least as problematic as the breach itself. After a…
Sensitive medical records dumped in public Allentown recycling bin
Paul Muschick and Emily Opilo report on one of those data protection fails that sometimes happen when a practice closes. And once again, we find no one stepping up to admit responsibility for the improper disposal of patient records with personally identifiable information and sensitive protected health information. In this case, the records appear to…
Personal information of up to 9,000 customers affected by possible security breach, CU says
Alissa Zhu reports: City Utilities has identified up to 9,000 customers who used payment kiosks or a certain mobile app to pay their utilities bills. Those customers’ personal information may be affected by a possible security breach, according to a news release. Information potentially at risk for those individuals include names, addresses, phone numbers, utility billing accounts, bank…