Dominican Hospital, part of Dignity Health, is notifying patients whose protected health information was securely, but erroneously, transmitted to an incorrect health plan on July 16. The error was detected on July 28. According to a copy of the notification letters dated August 18, some patients were notified that the information included their name, account number, admission date, length…
Category: Exposure
Private lives are exposed as WikiLeaks spills its secrets
Raphael Satter and Maggie Michael of AP report: WikiLeaks’ global crusade to expose government secrets is causing collateral damage to the privacy of hundreds of innocent people, including survivors of sexual abuse, sick children and the mentally ill, The Associated Press has found. In the past year alone, the radical transparency group has published medical…
Consumer Caution: Factory RV Surplus exposing customer info (updated)
I usually withhold information about a leaky site until it’s been secured, but when a company repeatedly fails to follow up and ignores notifications by phone and email, and when the company responsible for their site also ignores notification, it’s time to go public, I think. More than one month ago, I was contacted by…
Beauty site lets anyone read customers’ personal information
Darren Pauli reports: Popular online cosmetics site Strawberrynet has asked customers if a function that allows anyone to retrieve its customers names, billing addresses, and phone numbers with nothing more than an email address is a bug or a feature. The bug was first disclosed almost exactly a decade ago and resurfaced after security man Troy Hunt reported the flaw to…
AU: Miner Norton Gold Fields blames human error for leak of employees’ personal and financial details
Jasmine Bamford and Sam Tomlin report: The operators of a Kalgoorlie gold mine have blamed “human error” after the personal and financial details of several hundred employees were emailed to one of their suppliers. Staff at Norton Gold Fields have been advised to monitor their bank accounts, with their names, bank details and tax file…
UK: Sage really has had it hands full this week…
In addition to dealing with what appears to be an insider breach that snagged the information of more than 200 Sage corporate customers, Sage also got a phone call from Chris Vickery this week that kept them even busier. According to Chris, he discovered about 20 misconfigured MongoDB installations using Sage’s X3 software. Originally thinking…