Paul Farrell reports: The immigration minister, Peter Dutton, is appealing against a landmark federal court decision that found his department’s response to a major data breach of asylum seekers’ personal details was “unfair to a significant degree”. On Wednesday Crikey revealed the minister was seeking to appeal against the decision in the high court. The federal court ruling…
Category: Exposure
Danish Bank Leaves Server in Debug Mode, Exposes Sensitive Information in JavaScript Comments
Catalin Cimpanu reports: Dutch IT security expert Sijmen Ruwhof has found a pretty big blunder on the part of Danske Bank, Denmark’s biggest bank, which exposed sensitive user session information in the form of an encoded data dump, in their banking portal’s JavaScript files. Mr. Ruwhof started to research Danish banking policies out of curiosity,…
Affinity Health Plan notifies members of PHI breach
Affinity Health Plan notified 496 heads of household within Affinity’s membership on August 21, 2015, about the disclosure of some of their personal information via a mailing of Child Health Plus renewal letters. A sample of the notification letter sent to affected households can be found in this link, which explains the incident in greater detail. On…
NZ: Kiwis’ private medical information spilled in email gaffe
Simon Plumb reports: A Ministry of Health email blunder has spilled private medical information of 24,000 Kiwis. Officials are investigating how a spreadsheet of National Health Index (NHI) numbers, containing the birth and death dates of 24,092 people, was emailed to around 950 pharmacists yesterday morning. The email was supposed to be sent internally. Security…
MI: Man wants to return personal docs found in illegal dumping
Randy Wimbley reports: Illegal dumping in Detroit is not uncommon – but one case in Brightmoor is especially alarming. […] A moderate pile of junk included personal documents from the Social Security Administration and the Ferndale Housing Commission. Read more on FOX2 Detroit. The data appeared to be from 2009 – 2013, but since SSN…
Golden State Risk Management Authority notifying members of Systema Software incident
Despite having been notified almost one month ago by Chris Vickery and/or Systema Software, some entities whose databases were exposed on AWS by Systema Software still do not appear to have issued public statements about the incident. Nor have I seen any reports appearing on HHS’s public breach tool. But in a statement posted on its…