Graham Cluley reports: At the beginning of August members of the Mozilla developer community were warned that approximately 76,000 email addresses and 4,000 encrypted passwords had been left on a publicly accessible server for 30 days. For most organisations, that would be embarrassing enough. But security screw-ups can be like buses, you can wait for ages noticing…
Category: Exposure
Federal police mistakenly publish metadata from criminal investigations
Paul Farrell reports: The Australian federal police mistakenly published highly sensitive information – including metadata – connected to criminal investigations, in a serious breach of operational security. Guardian Australia can reveal that the AFP provided documents to the Senate, which were then made publicly available online on parliamentary sites and other sources for several years,…
Virginia federal court holds that online posting of patient medical information constitutes “publication” sufficient to trigger a general liability insurer’s duty to defend
Hunton & Williams write: On August 7, 2014, the United States District Court for the Eastern District of Virginia held in Travelers Indemnity Company of America v. Portal Healthcare Solutions, LLC, No. 1:13-cv-917 (E.D. Va. Aug. 7, 2014), that online posting of patient medical information constituted “publication,” whether or not it was viewed by a third…
Ca: Privacy breach at northeast Calgary school prompts investigation (updated)
Tamara Elliott reports: An investigation has been ordered, following a major privacy breach at a Calgary school. Parent Jaret Kneller said he was shocked when he opened an e-mail sent by the new principal at George P. Vanier School in the northeast community of Winston Heights-Mountview. Instead of the introductory letter that was supposed to…
Orange sanctioned by French regulator after customer data breach
Orange has received a public warning from the French privacy watchdog Cnil after personal details of more than a million of its customers were leaked on the internet. Orange notified Cnil of the problem in April, blaming a technical fault at one of its marketing suppliers. Almost 1.3 million customers were affected, with their name,…
Oops. Data leak not fixed as Topeka school leaders thought
Last week, I posted a privacy breach involving student data in Topeka Unified School District 501 over on PogoWasRight. It seems I missed an update, but happily, @VERISDB caught it and tweeted a link. Celia Llopis-Jepsen reports: Confidential student data continued to be available this week to unauthorized people at Topeka Unified School District 501,…