Zocdoc, an online booking system for dental or medical appointments, is first notifying patients almost one year after they learned programming errors enabled providers to access patient information they should not have had access to. In June, 2015, Zocdoc reportedly learned that a programming error had allowed some past or current practice staff members to access…
Category: Exposure
Open records request goof exposes personal info of 36,000 Poway USD students and their parents
Yet another breach in response to an open records/freedom of information request, this one affecting 36,000 Poway Unified School District students in California. CBS reports: The privacy breach leaked information about every student in the district and it included: medical information, home addresses, nicknames, birthdates, student grades, test scores and parents’ sensitive occupations. The San Diego…
MO: After school closes its doors, personal student records remain inside, unprotected
Monica Evans reports: Former students and parents want to know why student records with personal information are sitting inside an abandoned school at 77th and Wyandotte in Kansas City, Mo. The former Bingham Junior High School building closed in 2001, but an anonymous source gave FOX 4 a box of files containing student names, social security…
AU: CabCharge Data Exposed, Still Waiting For A Response Much Like Their Customers!
RiskBased Security reports that although it notified CabCharge of a misconfigured database leaking customer information and CabCharge seems to have taken steps to secure the data, CabCharge has neither acknowledged the notification nor notified customers: …. Our lead researcher quickly contacted CabCharge.com.au to alert them to the issue. After a few hours of checking on the status of…
More than 2,000 veterans had their PHI breached in April
Another site that reports on health data breaches tends to report on VA breaches in terms of percentage change from the previous month. DataBreaches.net does not do that because, frankly, there’s no consistent pattern or trend, and month-to-month comparisons don’t strike this blogger as particularly useful. Consider the stats from the last three months’ reports: February Summary:…
Was chatting about marijuana on TheTreesNetwork hazardous to your privacy?
In today’s installment of misconfigured databases, include more than 10 million chat messages from more than 44,000 users on TheTreesNetwork. Chris Vickery, security researcher at Kromtech, writes: I have information on two different breaches to share today. Coincidentally they both involve sites that show videos to their user base. The first has to do with TheTreesNetwork.com,…