Monica Evans reports: Former students and parents want to know why student records with personal information are sitting inside an abandoned school at 77th and Wyandotte in Kansas City, Mo. The former Bingham Junior High School building closed in 2001, but an anonymous source gave FOX 4 a box of files containing student names, social security…
Category: Exposure
AU: CabCharge Data Exposed, Still Waiting For A Response Much Like Their Customers!
RiskBased Security reports that although it notified CabCharge of a misconfigured database leaking customer information and CabCharge seems to have taken steps to secure the data, CabCharge has neither acknowledged the notification nor notified customers: …. Our lead researcher quickly contacted CabCharge.com.au to alert them to the issue. After a few hours of checking on the status of…
More than 2,000 veterans had their PHI breached in April
Another site that reports on health data breaches tends to report on VA breaches in terms of percentage change from the previous month. DataBreaches.net does not do that because, frankly, there’s no consistent pattern or trend, and month-to-month comparisons don’t strike this blogger as particularly useful. Consider the stats from the last three months’ reports: February Summary:…
Was chatting about marijuana on TheTreesNetwork hazardous to your privacy?
In today’s installment of misconfigured databases, include more than 10 million chat messages from more than 44,000 users on TheTreesNetwork. Chris Vickery, security researcher at Kromtech, writes: I have information on two different breaches to share today. Coincidentally they both involve sites that show videos to their user base. The first has to do with TheTreesNetwork.com,…
Privacy commissioner closes door on Corner Brook privacy breach
Mistakes happen, and not every incident should result in a regulator investigation or smackdown. Cory Hurly provides a useful example of that: Given there was no complaint from anybody potentially impacted by an inadvertent release of documents on the City of Corner Brook’s website, the Office of the Privacy Commissioner has all but closed the file. Sean Murray,…
Talentbuddy.co / Talentguide.co Database Exposed, Company Reacts Swiftly
Another day, another misconfigured MongoDB database installation. This one, uncovered by RiskBased Security, involved Udemy‘s Talentbuddy.co. RBS writes: In total, there have been 38,791 users accounts from the talentbuddy.co website and a further 22,761 users from the Talentguide.co website exposed, with usernames, email addresses, passwords, Linkedin profile information, and other site-related information such as registration dates,…