In April 2019, Puerto-Rico headquartered Inmediata issued a press release concerning a data leak it had discovered in January of that year. The business associate’s press release explained, in relevant part: In January 2019, Inmediata became aware that some electronic health information was viewable online due to a webpage setting that permitted search engines to index…
Category: Exposure
Donation site for Ottawa truckers’ ‘Freedom Convoy’ protest exposed donors’ data
Zack Whittaker reports: The donation site used by truckers in Ottawa who are currently protesting against national vaccine mandates has fixed a security lapse that exposed passports and driver licenses of donors. […] TechCrunch was tipped off to the data lapse after a person working in the security space found an exposed Amazon-hosted S3 bucket…
Illinois Housing Development Authority addresses data breach
WCIA reports: The Illinois Housing Development Authority issued a statement today addressing a security breach of its rental payment web portal last week. The IHDA became aware of the breach on Feb. 1. when some tenant applicants were able to see documents submitted by other applicants. The IHDA immediately took the portal offline and blocked…
UK: Data breach as Corby vaccine trial participants’ details inadvertently shared in email gaffe
Sam Wildman reports: A Corby medical research team has apologised after those taking part in the town’s Covid vaccine trial inadvertently had their details shared. Lakeside Healthcare Research has been running a trial of a new Valneva vaccine since last year, with Corby being one of 27 UK study sites. Read more at Northamptonshire Telegraph
Security issue may have made some personal information vulnerable on WSDOT system
OLYMPIA – A vulnerability involving a Washington State Department of Transportation system may have exposed personal information stored in an internal database of about 2,200 people, and the agency is reaching out to help notify them of the incident. It is not known if anyone obtained the information for illegal use, and the vulnerability within…
Securitas misconfiguration exposed airport employee info
From SafetyDetectives: The SafetyDetectives cybersecurity team discovered a critical data leak affecting the prominent multinational security company, Securitas…. One of the company’s Amazon S3 buckets was left open, exposing over 1 million files. The data we observed related to airport employees from different sites across Colombia and Peru, and there could be entities from other nations with…