There’s a follow-up to the breach involving the 56 Dean Street clinic in London run by the the Chelsea and Westminster NHS Trust. The breach involved a staff member accidentally exposing all recipients of an HIV newsletter in the To: field. Today, the Information Commissioner’s Office announced a monetary penalty stemming from the incident: A London NHS…
Category: Exposure
Players’ personal information exposed in U.S. Soccer’s lawsuit
This was reported in February, but I missed it. I know, I know, I’ve let you all down. Cope with it. Better late than never, though, because so much personal information gets exposed in court filings and not enough has been done to address the problem. While the information exposed in this case is not the…
Qualcomm flaw exposes millions of Android devices to data theft risk
Lucian Constantin reports: A vulnerability in an Android component shipped with phones that use Qualcomm chips puts users’ text messages and call history at risk of theft. The flaw was found by security researchers from FireEye and was patched by Qualcomm in March. However, because the vulnerability was introduced five years ago, many affected devices…
Ohio Department of Mental Health and Addiction Services (OhioMHAS) notifies patients of PHI exposure
This April 22nd notice seems to have flown under the media radar: The Ohio Department of Mental Health and Addiction Services (OhioMHAS) today notified the public of a privacy incident involving protected health information (PHI). The issue involves a February 2016 postcard sent to consumers of mental health services inviting participation in a satisfaction survey….
Google notifies employees of breach by vendor
Even Google has breaches that need to be reported. From a notification letter to Googlers that will be going out on May 9th: I am writing to follow up on an email we recently sent you about an issue that involves your personal information. The details of the issue are below. What Happened? We recently…
InvestBank UAE hack: Database containing credit card details and passport scans leaks online
The Investbank hack and data dump can’t seem to say out of the news. Jason Murdock reports: A 10GB file has been released online that purports to hold sensitive financial data compromised from the InvestBank of the United Arab Emirates (UAE). Upon initial analysis, the ZIP file contains tens of thousands of credit card numbers, names and…