Suranjana Roy, Komal Gupta, and Apurva Vishwanath report: A case of Aadhaar data breach has caused privacy concerns and raised questions over the security of biometric data in possession of the Unique Identification Authority of India (UIDAI). […] The UIDAI filed a police complaint on 15 February against Axis Bank Ltd, business correspondent Suvidhaa Infoserve…
Category: Exposure
Cloudbleed: Big web brands leaked crypto keys, personal secrets thanks to Cloudflare bug
Iain Thomson reports: Big-name websites leaked people’s private session keys and personal information into strangers’ browsers, due to a Cloudflare bug uncovered by Google security researchers. Cloudflare helps companies spread their websites and online services across the internet. Due to a programming blunder, for several months Cloudflare’s systems slipped random chunks of server memory into…
NYC Dept. of Education email gaffe exposes 439 paraprofessionals’ SSN
Jim Hoffer reports: New York City’s Department of Education accidentally sent out an email that had not just the names, but also the Social Security numbers of hundreds of employees. […] “The attachment was a list of Department of Education para-professionals, exactly 439 names, first, last names and Social Security numbers,” the teacher’s assistant said….
Millions of IGN and PCMag user records sit exposed, online
Chris Bing reports: A website configuration issue affecting itmanagement.com, a property owned by New York City digital publisher Ziff Davis, can be exploited to access a company database full of private user contact information, including names, phone numbers, employment details, email and employer addresses. The database also contains contact information for users registered on other Ziff Davis properties….
Guelph settles $1-million lawsuit, gets back personal files
City hall has settled the wrongful dismissal lawsuit launched by former chief building official Bruce Poole and has also recovered personal information about City of Guelph employees that was inadvertently given to Poole’s lawyers. These announcements, made in two separate but related city hall news releases late Tuesday afternoon, conclude a matter that cost deputy…
Harvard Computer Society’s Face Should be VERY Crimson: Inadvertently Exposed Student Info Online – for YEARS
Hannah Natanson & Derek G. Xiao report: More than 1.4 million emails—some divulging Harvard students’ grades, financial aid information, and at least one individual’s Social Security number—sent over Harvard Computer Society email lists were open to the public until Monday. Teaching fellows, resident tutors, College administrators, and thousands of undergraduates have used the email list…