Amy Cole reports: A woman has hit out at Musgrove Park Hospital after photos of her recovering foot were used in a training seminar without her consent. Read more about what happened on Somerset County Gazette. Some of the commenters on that site were not particularly sympathetic to her complaint.
Category: Exposure
Employee error exposed San Jose Evergreen Community College District student info
The San Jose Evergreen Community College District (SJECCD) is notifying some of their students of a breach that occurred due to an employee error. On November 7, the district learned that an SJECCD employee had inadvertently uploaded a file containing the personal information of certain SJECCD students to a publicly accessible folder on the SJECCD website. The file…
Anonymous group releases 1,768 student GPAs from Appalachian State University
Sammy Hanf reports: A group called AppState Leaks released the information via their Twitter page of the same name this Thursday. The PDF posted contains student’s first names, majors, year and GPA. The university’s Information Security Department is currently conducting an investigation into the breach. The university said in a statement there is no indication…
The Medical Reports Of 43,000 People, Including HIV Patients, Were Accidentally Released Online
Pranav Dixit reports: The medical records of over 43,000 people have been accidentally made public after being put online by a pathology lab in Mumbai. The reports contain confidential details like names, addresses, dates of birth, and blood test results. They also include details of patients who have had blood tests done for HIV detection….
Data breach exposed locations of oil industry explosives, handler credentials
Dell Cameron reports: A misconfigured storage device discovered by a security researcher in October left exposed thousands of internal files belonging to an explosives-handling company. The files, which have since been secured, reportedly included details about facilities in three U.S. states where explosives are stored. The leaky file repository belonged to Allied-Horizontal Wireline Services(AHWS), a leading wireline company…
UK: Borough council probed in potential mass data breach
PSE reports: A Nottinghamshire borough council has been investigated by police after it was potentially the site of a mass breach of data protection laws. Police were notified in September after a confidential email sent to Broxtowe Borough Council which made allegations about a member of staff’s conduct was sent to all 730 staff. Police…