WTSP reports: An error while processing statements might have led to a breach of personal information for clients of CarePlus Health Plans. On Sept. 18, the company was notified some personal information may have potentially been compromised when CarePlus Late Enrollment Penalty Premium Statements were processed and mailed on Sept. 11. A machine was programmed to insert…
Category: Exposure
IE: Gorey Credit Union says accounts not affected by email gaffe
Independent.ie reports: Gorey Credit Union confirmed this week that it has been in touch with the Data Protection Commissioner, after email address details of a small percentage of customers were visible to other recipients when the email was sent out. The error occurred on Monday when the mail was sent to inform customers about the…
Email error results in data breach notification from Vacaville Housing Authority
So it seems the Vacaville Housing Authority had a data breach on August 24th due to an employee attaching a file with Social Security numbers to an email that was sent to the wrong party. Thankfully, the recipient notified the VHA and deleted the errant email. VHA is offering credit protection to those notified. And if you want to…
Why an Internet activist refuses to take down Patreon breach data
Sean Sposito reports on why Thomas White, who posted the Patreon data dump on his site, TheCthulhu.com, refuses to take it down. Despite the legal risk, White said, the public has a right to know exactly what data has been exposed — and researchers should be able to safely examine it to find out how it happened. Could white…
AU: Peter Dutton appeals against ruling on asylum seeker data breach
Paul Farrell reports: The immigration minister, Peter Dutton, is appealing against a landmark federal court decision that found his department’s response to a major data breach of asylum seekers’ personal details was “unfair to a significant degree”. On Wednesday Crikey revealed the minister was seeking to appeal against the decision in the high court. The federal court ruling…
Danish Bank Leaves Server in Debug Mode, Exposes Sensitive Information in JavaScript Comments
Catalin Cimpanu reports: Dutch IT security expert Sijmen Ruwhof has found a pretty big blunder on the part of Danske Bank, Denmark’s biggest bank, which exposed sensitive user session information in the form of an encoded data dump, in their banking portal’s JavaScript files. Mr. Ruwhof started to research Danish banking policies out of curiosity,…