A London council has been fined £70,000 after it accidentally published a cache of personal data including medical details, cheques, and even one person’s prison record. Islington’s parking system website published unencrypted personal information of almost 90,000 people, meaning it could be accessed by simply manipulating a URL Read more on Evening Standard.
Category: Exposure
Sg: Ex-financial adviser fined for data breach
K.C. Vijayan reports: A former financial consultant was fined $1,000 for breaching data protection laws by disposing of clients’ insurance policy-related documents in a rubbish bin in a residential estate. The Commissioner for Data Protection had launched a probe after receiving a complaint on Oct 10 last year that Prudential folders were recovered from a…
CA: Breach of RNC officers’ information in Sunshine List accidental, says privacy commissioner
CBC News reports: The Office of the Information and Privacy Commissioner (OIPC) has concluded that a privacy breach that led to the salary and employee ID information of some Royal Newfoundland Constabulary officers being published online earlier this year was accidental. The information was published as part of the 2016 Sunshine list, which listed people who…
State juror pool data breach exposed Social Security numbers
Kieran Nicholson reported: A lapse in security at the Colorado Judicial Department led to information about jurors in Colorado, including Social Security numbers, being exposed on the internet for about a year. The state court administrator’s office was contacted July 27 by a person in Alaska who alerted state officials about the potential for massive…
NJ: Documents with sensitive information found in used office furniture
News12 in NJ reports: Hundreds of employment documents with sensitive information were found inside some used office furniture. […] Most of the forms seem to have come from employees at a health group based in New Jersey. News 12 reached out to the company for comment, but did not hear back. Read more on…
Top Next-Gen Security Firm Leaking Terabytes of Customer Data
Update2: Brian Krebs has a great post criticizing those who reported on DirectDefense’s claims without waiting for a response from Cb. Sadly, this site is also guilty of that by just citing and linking to others’ reporting without doing any verification. Original Post: From the this-can’t-be-good dept., Catalin Cimpanu reports: Sensitive corporate data from customers…