Ally Marotti and Bowdeya Tweh report: The Forest Hills School District had a computer security breach earlier this month, where information on all of the district’s more than 9,000 students was accidentally sent to most district parents. District officials Friday told parents about the breach that included student identification numbers, home addresses and parent email…
Category: Exposure
UK: Lincolnshire County Council apologizes to 4,000 people for breach
David Ionescu reports: Lincolnshire County Council is apologising after a ‘data breach’ which led to the names and email addresses of more than 4,000 people being sent to some 250 email addresses. The incident happened on August 6 when 250 people received an email regarding changes to the County Council’s jobs site, to which the…
Oops! Mozilla left thousands of email addresses and passwords lying around (again)
Graham Cluley reports: At the beginning of August members of the Mozilla developer community were warned that approximately 76,000 email addresses and 4,000 encrypted passwords had been left on a publicly accessible server for 30 days. For most organisations, that would be embarrassing enough. But security screw-ups can be like buses, you can wait for ages noticing…
Federal police mistakenly publish metadata from criminal investigations
Paul Farrell reports: The Australian federal police mistakenly published highly sensitive information – including metadata – connected to criminal investigations, in a serious breach of operational security. Guardian Australia can reveal that the AFP provided documents to the Senate, which were then made publicly available online on parliamentary sites and other sources for several years,…
Virginia federal court holds that online posting of patient medical information constitutes “publication” sufficient to trigger a general liability insurer’s duty to defend
Hunton & Williams write: On August 7, 2014, the United States District Court for the Eastern District of Virginia held in Travelers Indemnity Company of America v. Portal Healthcare Solutions, LLC, No. 1:13-cv-917 (E.D. Va. Aug. 7, 2014), that online posting of patient medical information constituted “publication,” whether or not it was viewed by a third…
Ca: Privacy breach at northeast Calgary school prompts investigation (updated)
Tamara Elliott reports: An investigation has been ordered, following a major privacy breach at a Calgary school. Parent Jaret Kneller said he was shocked when he opened an e-mail sent by the new principal at George P. Vanier School in the northeast community of Winston Heights-Mountview. Instead of the introductory letter that was supposed to…