Greg Parlier reports: The Social Security numbers of 530 Polk County School District employees were available to the public online for two years until they were taken down last month, district officials said Thursday. Mike Perrone, the School District’s chief financial officer who oversees human resources, said the numbers were part of a large document…
Category: Exposure
PK: Privacy breach: ‘Hacker’ arrested for leaking private data
Asad Kharal reports: A man was arrested on Wednesday for hacking into a cellular company’s database and uploading the information of its subscribers on a website. Mubashar Shahzad, a resident of Kasur, was arrested after the National Response Centre for Cyber Crime (NR3C) of the Federal Investigation Agency (FIA) traced his IP (internet protocol) address,…
Password bug let me see shoppers’ credit cards in eBay ProStores, claims infosec bod
John Leyden reports: A serious vulnerability that potentially allowed shoplifters to empty eBay ProStores shops and swipe customer credit cards has been fixed – according to the security researcher who says he found the hole. Mark Litchfield, an infosec pro at Securatary, told us he discovered a flaw in eBay-owned ProStores that not only opened the door…
Expert Hacks Healthcare.gov in 4 Minutes
Well, no, they didn’t hack it. They didn’t even have to, it seems. Keith Koffler reports: Security consultant David Kennedy, who has testified before Congress about the flaws in Healthcare.gov that have made people’s information unsafe, revealed Monday he was able to gain access to the personal records of 70,000 Obamacare enrollees in four minutes….
UK: Family’s safety ‘put at risk’ by council’s blunder
Stef Lach reports: A father says his family’s safety was put at risk by a council blunder which saw his personal details sent to thousands of people. Renfrewshire Council wrote to the 5354 people on its approved landlords list inviting them to a Landlord Accreditation training course, but also attached a list with personal details…
CN: Website security loopholes force Ctrip to stop saving user CCV info
Si Huan reports: Ctrip will stop saving users’ credit card verification (CCV) information online after system loopholes were discovered on the travel website that led to the leak of user information and possible money loss. Shanghai-based Ctrip, China’s biggest tourism website with more than 140 million users, said yesterday that it will not save users’…