It’s these “small breaches” that are often the most worrisome, as I’ve said ad nauseum for a decade. Here’s a case where an agency screws up, and their incident response is appalling – and dare I say, negligent. Yahoo7 reports: A violent father barred from seeing his children has been handed their new address in a…
Category: Exposure
Baton Rouge police database ‘hacked’ in retaliation for killing of Alton Sterling
Patrick Howell O’Neill reports: Just days after the fatal shooting of a black man by Baton Rouge police prompted international outrage and a Justice Department investigation, the Baton Rouge city government’s servers have been “hacked” and 50,000 city police records leaked online including names, addresses, emails, and phone numbers. A hacker named @0x2Taylor claimed responsibility…
California Health Care Facility email gaffe results in notifications
California Health Care Facility, which is part of the California Department of Corrections and Rehabilitation, is notifying an unspecified number of people that their names and Social Security numbers were erroneously emailed to an unauthorized recipient in an attached document on May 2. The erroneous email was subsequently deleted from the server.
Still ignoring the smaller paper breaches? Stop.
Add this to your “small breaches, big impact” analyses. As seen on the New Zealand Herald: A doctor’s office disclosed a patient’s childhood abuse when a letter was sent to the person’s neighbour accidentally. The incident happened when the patient told their GP about past abuse, who referred them on to counselling to help work…
Planned Parenthood: Potential Patient Records Breach in Dubuque
On May 6, 2016, Planned Parenthood of the Heartland discovered a potential breach of patients’ personal health information. Hard copy patient records from August 1, 2008 – April 30, 2014 may have been accessed by unauthorized parties during the April 2016 closure and subsequent sale of our Dubuque health care center. This potential breach is…
Order of Malta breach contains unhashed gov’t credentials
Jeremy Seth Davis reports: A white hat researcher discovered a pair of data breaches in which email and password credentials of government employees were dumped on Pastebin. Hackers dumped almost 4,000 credentials gained during two separate breaches that contained credentials linked to U.S. and Ukrainian government employees. The attackers breached a website affiliated with the…