Tom Jowitt reports: Marks & Spencer temporarily suspended its website on Tuesday night after “technical difficulties” that exposed customer information to other website users. But the British retailer insisted that its website was not hacked by outside third parties, and there is no security risk for affected customers. Read more on TechWeek Europe.
Category: Exposure
UK: Another ‘data disaster’ at Islington Council after third major breach in four years
James Morris reports: An investigation has been launched after yet another data leak by Islington Council. On Sunday, it emerged personal information about penalty charge notices was freely available on the council’s parking appeals website. Information included scanned cheques, medical information to justify appeals – and even one person’s prison record. It is the council’s…
National University Hospital of Iceland (Landspítali) sued over privacy breach
The Iceland Monitor reports: A Vietnamese national previously denied residence in Iceland owing to suspicions that her marriage was a sham will now be allowed to stay. Controversy has emerged over how the Directorate of Immigration received the information about the couple on which the previous decision to deny residence was based. According to the…
The Guardian Email Gaffe Exposes Email Addresses of 501 App Beta Testers
Oops. The Guardian was forced to apologize this morning after it inadvertently exposed the email addresses of 501 people (including myself) who volunteered to beta test an upcoming version of the publication’s iOS app. The email addresses were located in the “to” field of the email announcing the beta test instead of the more appropriate “BCC”…
AR: Nephropath notifies patients of potential compromise of PHI
Little Rock-based Nephropathology Associates, PLC (“Nephropath”) notified HHS of a breach impacting 1,260 patients. In a substitute notice on their web site, they explain: On July 30, 2015 a Nephropath employee inadvertently transmitted a data-set including both Protected Health Information (PHI) and de-identified information to a vendor via unsecured e-mail. The vendor was the intended recipient of the…
Miami-Dade patient information compromised
Daniel Chang reports: About 150 clients of the Florida Department of Health’s Children’s Medical Services program in Miami-Dade may have had their personal information compromised after vendors were faxed a clinic roster containing names, birth dates and membership numbers, agency officials reported Friday. […] The breach occurred when four vendors that provide services to the…