Jim Hoffer reports: New York City’s Department of Education accidentally sent out an email that had not just the names, but also the Social Security numbers of hundreds of employees. […] “The attachment was a list of Department of Education para-professionals, exactly 439 names, first, last names and Social Security numbers,” the teacher’s assistant said….
Category: Exposure
Millions of IGN and PCMag user records sit exposed, online
Chris Bing reports: A website configuration issue affecting itmanagement.com, a property owned by New York City digital publisher Ziff Davis, can be exploited to access a company database full of private user contact information, including names, phone numbers, employment details, email and employer addresses. The database also contains contact information for users registered on other Ziff Davis properties….
Guelph settles $1-million lawsuit, gets back personal files
City hall has settled the wrongful dismissal lawsuit launched by former chief building official Bruce Poole and has also recovered personal information about City of Guelph employees that was inadvertently given to Poole’s lawyers. These announcements, made in two separate but related city hall news releases late Tuesday afternoon, conclude a matter that cost deputy…
Harvard Computer Society’s Face Should be VERY Crimson: Inadvertently Exposed Student Info Online – for YEARS
Hannah Natanson & Derek G. Xiao report: More than 1.4 million emails—some divulging Harvard students’ grades, financial aid information, and at least one individual’s Social Security number—sent over Harvard Computer Society email lists were open to the public until Monday. Teaching fellows, resident tutors, College administrators, and thousands of undergraduates have used the email list…
UK: ‘Shambles’ as council makes blunder with children in care register
Express & Star reports: The council mistakenly sent the list of children, including personal information, to a number of its in-house foster carers. It has now launched an investigation into the data breach and insisted that ‘no children were put at risk’. But County Councillor George Adamson, who is also the leader of Cannock Chase District…
The CoPilot Provider Support Services incident: The HIPAA issue
In the first part of a discussion of an incident reported by CoPilot Provider Support Services, this site reported claims by John Witkowski, a former employee, that CoPilot had not reported accurately on the incident. In this part, we focus on just one of CoPilot’s claims – that they are not a business associate under HIPAA….