Credit reporting giant Equifax is notifying some consumers that some of their personal information may have erroneously been sent to other individuals due to a technical error during a software change. Equifax discovered the problem on March 15, and notes that they attempted to call all recipients of the inadvertent disclosures to recover the files…
Category: Exposure
Franklin & Marshall to notify 356 students whose SSNs were exposed online for two years
There’s been another breach in the education sector, this one involving Franklin & Marshall College in Lancaster, PA. On March 19, F&M was notified that two Excel sheets with 356 students’ full names and Social Security numbers was exposed on the public portion of their eDisk network. The files were promptly removed. An investigation revealed…
Change.org springs a leak, exposes private e-mail addresses [updated]
Earlier this week, Dan Goodin reported: Online petitions service Change.org has a website bug that’s disclosing e-mail addresses that presumably belong to current or former subscribers. Search results suggest the number could be thousands, but a Change.org official said it was about 100. The disclosure bug was active at the time this post was being…
Horrific privacy breach by Tewksbury Public Schools
Cross-posted from PogoWasRight.org. Okay, this is really bad, on multiple levels. Brendan Foley and Jayne Miller report: Tewksbury Public Schools face angry parental backlash following the release of private student information online last week. A document included in a 222-page School Committee packet remained online for the better part of a week, before being taken…
CA: Email error exposes 845 Tulare County patients’ email addresses.
The Tulare County Health & Human Services Agency (HHSA) has announced a potential breach involving the protected health information of 845 patients seen at the Visalia and Farmersville clinics who use the online Patient Portal. The potential breach occurred on March 19, 2015, when an employee sent an email and neglected to encrypt and blind…
Auburn University notifying over 360,000 current and former students of breach
Oops. Auburn University discovered that students’ personal information – names, postal and email addresses, dates of birth, Social Security numbers, and students’ academic information – was exposed on the Internet between September 1, 2014 and March 2, 2015 when they discovered the problem. No financial information, bank account or payment card information was involved. While the university…