Hal M. Bundrick reports: Your charitable intentions could be exposing you to identity theft. Research conducted by security firm Identity Finder has found hundreds of thousands of examples of exposed personal data contained in the annual tax returns required to be filed by tax exempt organizations. These IRS Form 990s are scanned and open to…
Category: Exposure
UK: Lucia Bar in ‘shocking’ privacy breach
Anwen Baker reports: Lucia Wine Bar and Grill have been accused of breaking data protection laws after the CVs of over 600 people, including York students, were uploaded to their website. The CVs and cover letters of 605 people who had applied online to work at Lucia, which has branches in York and Beverley, were…
AU: Multicard leaks data online in privacy breach: OAIC
Aime Chanthadavong reports: Identification card solutions provider, Multicard, has been found to have leaked the personal information of approximately 9,000 maritime security identity card (MSIC) applicants online. The Office of the Australian Information Commission (OAIC) found that Multicard stored personal information on a publicly accessible web server without appropriate security controls to prevent unauthorised access….
California man receives faxes intended for Michigan credit union containing social security numbers
Jeff Vaughn reports: Richard Woo is in the import/export business. In the past, he used an email account to verify auto parts delivered to Los Angeles– where he lives– from China. The electronic fax number hasn’t been used in months, until recently when Woo says he started receiving applications for loans meant for a Michigan…
Almost 10,000 potentially affected by Snelling Staffing breach
More information is now available on the Snelling Staffing breach that had me confused. There’s still no explanation as to why a former employee had employee information on their home computer where it might have remained undetected if it were not for the databreach, but we now know that 9,757 individuals were potentially affected by…
Dudley Metropolitan Borough Council signs undertaking after case file left at client’s home
An undertaking to comply with the seventh data protection principle has been signed (pdf) by Dudley Metropolitan Borough Council. This follows an investigation into a social worker leaving a case file containing sensitive personal data at a client’s home. According to the undertaking, the Information Commissioner’s Office was informed of the breach in March 2013. After…