The Cornwall council accidentally published the personal details of five schoolchildren in publicly accessible meeting documents. Cornwall Council has apologized for the data breach, including their names, addresses, and dates of birth. It made the error when it published online documents for a meeting of its School Transport Appeals Committee. Source: InformationSecurityBuzz.
Category: Exposure
No need to hack when it’s leaking, Saturday edition: Cincinnati inadvertently posted employees’ personal data online
Dan Horn reports: Personal information for more than 2,000 current and former Cincinnati city employees appeared online for almost two weeks in April because of a mistake, city officials said Friday. The employee data includes names, addresses, insurance information and, in some cases, Social Security numbers. Read more at Cincinnati.com
Anonymous Social Media App Yik Yak Exposed Users’ Precise Locations
Lorenzo Franceschi-Bicchierai reports: The anonymous message board app Yik Yak is designed in a way that it is possible to get the precise location of a user’s post, and see users’ unique IDs, potentially allowing someone to dox and stalk users, according to a researcher. […] In April, David Teather, a computer science student, analyzed…
Boca Raton Attorney Allegedly Leaked Clients’ Confidential Files
Joshua Ceballos reports: All Priscilla Haring wanted from her divorce attorney, Richard Glenn Ozelie, was a divorce. But, according to her complaint filed in Broward civil court in March, what she got instead was scores of confidential files belonging to “a minimum of 96 individuals” — a potentially huge breach of ethics by her erstwhile attorney. Read more…
Personal details of 21M SuperVPN, GeckoVPN users leaked on Telegram
Waqas reports on a leak spotted by VPNMentor: In total, the database contains 10GB worth of data from companies like SuperVPN, GeckoVPN, and ChatVPN which is now available for free download on several different Telegram groups. On May 7th, 2022, a database containing the personal details and login credentials of 21 million users was leaked…
Insufficient Data Security and Disregard for Student Data Privacy Plague the DeKalb County School District; With Commentary by Jim Siegl
Keegan Brooks writes: The DeKalb County School District has been making thousands of files containing sensitive student and staff information widely accessible to anyone in the district. Types of information exposed have included social security numbers, academic records, medical forms, course transcripts, standardized test scores, discipline records, and the 504/IEP information of students, among others….