LeakedSource has done it again: Verticalscope.com and all of their domains were hacked in February of 2016. LeakedSource has obtained and added a copy of this data to its ever-growing searchable repository of leaked data. […] This data set contains nearly 45 million records from over 1100 websites and communities. Some of the larger domains…
Category: Exposure
CA: Courthouse data breach exposes personal information
Monica Vaughan reports: Private personal information of potentially thousands of people was unintentionally available on public access computers in the Sutter County Superior Courthouse on Monday. The data breach occurred when a new case management system went live Monday morning. The system was taken down the same afternoon after an Appeal-Democrat reporter alerted Court Executive…
Kern County Mental Health Dept. self-reports data breach
From their notice posted yesterday on their web site: This letter is to inform you of a recent security incident that occurred on 4/15/16 at the Kern County Mental Health Administration offices. Our administration offices recently relocated. During the move, a report was inadvertently left behind in a vacated section of the building that had…
Let’s Encrypt Accidentally Spills 7,600 User Emails
Chris Brook writes: Certificate authority Let’s Encrypt accidentally disclosed the email addresses of several thousand of its users this weekend. Josh Aas, Executive Director for the Internet Security Research Group (ISRG), the nonprofit group that helped launch the CA, apologized for the error on Saturday. In what Let’s Encrypt dubbed a preliminary report posted shortly after…
MA: Saugus employees’ personal information released during discovery phase of Rivers lawsuit against town
Jeannette Hinkle reports: When attorney Elayne Alanis requested documents relating to the employment of Saugus’ former Information Technology Network Administrator James Rivers, she wasn’t expecting 48,960 pages. More upsetting than the overwhelming volume of documents, Alanis said, was the inclusion of 1,200 town employees’ Social Security numbers, tax documents and personal banking information. Read more…
UK: ICO issues £150,000 monetary penalty to Dyfed-Powys Police over data protection breach
It’s one of those “small breaches, big potential harm situations.” The Dyfed-Powys Police force has been fined£150,000 after an email containing information that could be used to identify eight sex offenders was sent to a member of the public in error. The monetary penalty notice explains that the community member’s email address (an external email) was…