Ben Crnic reports: A data breach may have exposed information related to some students at a school district in Northern Westchester. The breach was announced by Mount Pleasant Central School District Superintendent Peter Giarrizzo on Friday, Feb. 17, who said that several student email passwords may have been compromised by the incident. After the data breach…
Category: Exposure
FL: Brooks Rehabilitation notifies patients of pixel tracking breach
On January 30, Brooks Rehabilitation (“Brooks”) in Florida disclosed that in December, they discovered tracking technology vendors that provide services to Brooks were able to view/access individually identifiable health information (IIHI) provided when a website user provided contact information or feedback via a Brooks website. The data transmitted could have included information such as name;…
Indian social media app Slick exposed childrens’ user data
Jagmeet Singh reports: Emerging Indian social media app Slick left an internal database containing users’ personal information, including data of school-going children, publicly exposed to the internet for months. Since at least December 11, a database containing full names, mobile numbers, dates of birth, and profile pictures of Slick users was left online without a password. Read…
Penang government data leaked online
Predeep Nambiar reports: Over 600,000 “rows of private data” from the Penang government’s official website have allegedly been stolen and uploaded onto the internet. The data was uploaded to a forum known as BreachForums by a user with the handle “LeakBase” on Jan 18, who said it was available for download. Read more at Free…
The Center for Autism and Related Disorders notifies patients after vendor’s error caused HIPAA breach
The Center for Autism and Related Disorders (“CARD”) has locations throughout the U.S. On January 24, it experienced a reportable breach when “as part of a recent update to its patient billing systems, the third-party vendor responsible for generating patient invoices incorrectly made a computer error which resulted in certain caregivers receiving an invoice for…
Derriford Hospital admits data breach as patient sent list of complaints against hospital
William Telford reports: Health chiefs have admitted a data breach after a patient received a list of people who had made complaints against Plymouth’s Derriford Hospital. Retired horse breeder Jeanette Anderson was stunned when an email from the hospital contained confidential details of complainants including, she said, bereaved families. University Hospitals Plymouth NHS Trust has…