Mistakes happen, and not every incident should result in a regulator investigation or smackdown. Cory Hurly provides a useful example of that: Given there was no complaint from anybody potentially impacted by an inadvertent release of documents on the City of Corner Brook’s website, the Office of the Privacy Commissioner has all but closed the file. Sean Murray,…
Category: Exposure
Talentbuddy.co / Talentguide.co Database Exposed, Company Reacts Swiftly
Another day, another misconfigured MongoDB database installation. This one, uncovered by RiskBased Security, involved Udemy‘s Talentbuddy.co. RBS writes: In total, there have been 38,791 users accounts from the talentbuddy.co website and a further 22,761 users from the Talentguide.co website exposed, with usernames, email addresses, passwords, Linkedin profile information, and other site-related information such as registration dates,…
Nulled.io crime forum breach could cause a world of pain for members
Dan Goodin reports: A website that openly facilitated the brokering of compromised passwords, stolen bitcoins, and other sensitive data has been hacked, exposing login data, IP addresses, e-mail addresses, purchase histories, and private messages for some 500,000 members. Nulled.io, a hacker forum that used the tagline “expect the unexpected,” was compromised earlier this month in…
John McGuinness says HSE in “serious breach of data protection” as patient files stored in unlocked outhouses
MaryAnn Vaughan reports: A Kilkenny Dáil Deputy says the HSE locally has seriously breached Data Protection. John McGuinness says it was brought to his attention that there are boxes of patient and HSE workers’ files stored in unlocked outhouses at the site of their auxiliary hospital on Wolfe Tone Street in Kilkenny. Read more on…
Besa Mafia: Hitman For Hire Site Hacked, Data Dumped
RiskBased Security writes: News reports of websites being hacked and data being leaked has become an all too common occurrence. Most of the press focuses on popular or well known sites, rarely touching on leaks from sites that reside in the recesses of the “deep web” or “dark web”, accessible only by means such as…
Florida Medical Clinic, PA notifies 1,000 patients after Greenway Health error exposed PHI
The following statement was posted by Florida Medical Clinic, PA on their web site. The incident was reported to HHS on May 4 as impacting 1,000 patients. Please be advised from November 18th, 2015 to January 6th, 2016 your Florida Medical Clinic, PA patient due balance statement (sample statement attached) was accessible to industrial account…