The Information Commissioner’s Office (ICO) has criticised the Student Loans Company Limited after a series of data breaches involving customers’ records. The business reported several incidents where information held about customers, including medical details and a psychological assessment, had been sent to the wrong people. An ICO investigation found that not enough checks were carried…
Category: Exposure
White House mistakenly identifies CIA chief in Afghanistan
Yes, this counts as an insider/human error breach: The CIA’s top officer in Kabul was exposed Saturday by the White House when his name was inadvertently included on a list provided to news organizations of senior U.S. officials participating in President Obama’s surprise visit with U.S. troops. The White House recognized the mistake and quickly…
San Diego State University notifies students of information exposure
So as if we didn’t have enough breaches in higher education recently, San Diego State University is notifying students who were enrolled in Pre-College Institute programs that their name, Social Security number, date of birth, address, and other personal information was in a database that enabled any computer connected to the SDSU wired network (offices,…
American Dental Association notifies some DENTPIN users of breach
The American Dental Association is notifying some professionals and students who have DENTPIN identifiers that their personal information may have been exposed to others. DENTPIN identifiers are used to enable professionals and students to register for tests or request their test scores. On April 30, the ADA upgraded its website, including the DENTPIN database. That…
UK: University of Nottingham mistakenly sends e-mail containing personal details of job applicants
Marcus Boocock reports: Confidential details of thousands of job applicants were mistakenly sent via e-mail by the University of Nottingham. An attachment sent to users of the university’s job site contained the names of 4,751 people who had applied for a job there. It also listed whether they had been successful. A spokesman for the…
Lowe’s notifying employees whose personal information was exposed on Internet by vendor error (updated)
Lowe’s is notifying some current and former vehicle drivers as well as employees who access and administer a driver file system that their personal information was exposed on the Internet for nine months. In their notification letter dated today, Scott Purvis, Vice President of Human Resources for Lowe’s writes: Lowe’s contracts with a third-party vendor to provide a…