In addition to dealing with what appears to be an insider breach that snagged the information of more than 200 Sage corporate customers, Sage also got a phone call from Chris Vickery this week that kept them even busier. According to Chris, he discovered about 20 misconfigured MongoDB installations using Sage’s X3 software. Originally thinking…
Category: Exposure
AU: Albany hospital staff avoid censure over confidential patient document find
ABC reports: Staff at Albany’s public hospital have avoided serious consequences after confidential patient information was found by a member of the public in the building’s courtyard. A double-sided paper document listing the personal details of 11 mental health patients, their reason for admission and their risk factors was found in the courtyard of the Albany…
UK: Hampshire County Council fined £100,000 after confidential social services papers found
Here’s a case where as part of her deliberations, the ICO considered that a council should have known they were in contravention of the DPA because the ICO had issued three monetary penalty notices to other entities who had left confidential data behind in decommissioned buildings during the relevant time period. From the Information Commissioner’s Office:…
Virgin Mobile privacy breach sees customers getting access to strangers’ voicemails
Michelle Starr reports: A privacy breach seems to be underway at Virgin Mobile. Customers attempting to access their voicemail messages are instead getting access to the voicemail messages of other people. When dialling the 212 number used by Virgin Mobile that allows access to your own voicemail box, Virgin Mobile customers are instead reporting that…
UK: Was Lloyds chief ‘affair’ exposed by disgruntled colleague?
James Burton and Vanessa Allen report: Lloyds Bank chiefs are investigating if an insider plot to undermine Antonio Horta-Osorio was behind revelations that he allegedly spent a weekend with a mistress on a business trip to Singapore. There are fears that sources within the chief executive’s inner circle leaked embarrassing claims that the married father…
Bon Secours notifies 655,000 patients that vendor error exposed patient info on Internet
Bon Secours Health System, Inc. (“Bon Secours”) and its affiliates are committed to maintaining the privacy and security of our patient information. This notice is to inform our patients of an incident involving one of our vendor’s handling of some patients’ information. On June 14, 2016, Bon Secours discovered that files containing patient information inadvertently…