If you applied for a job at Sidney Regional Medical Center in Nebraska, you may be receiving a breach notification letter in the mail soon, as they’re being sent out today. On December 12, Sidney Regional Medical Center learned that a previous version of their web site had been stored on a server without proper settings…
Category: Exposure
EasyDraft notifies Bright Horizons Family Solutions customers of breach involving bank information
eCommerce payment processor EasyDraft is notifying Bright Horizons Family Solutions customers of a breach that started in October 2012 with a misconfigured server. The breach wasn’t discovered until January 2014, however, when Bright Horizons contacted EasyDraft to alert them to the problem. In their report to the New Hampshire Attorney General’s Office, lawyers for EasyDraft write: We…
UK: Wymondham College apologizes over pupils’ data breach
BBC reports: A school has apologised for a data breach in which personal information about students was sent to their teenage classmates. Sixth-form pupils at Wymondham College, Norfolk, were mistakenly sent a link to a spreadsheet intended for teachers. It included data on whether pupils had special educational needs, whether they were “looked-after” children and…
Update on the VA’s eBenefits website breach
The VA responded to my email inquiries about the recently disclosed breach involving the eBenefits web site with the following statement: The Department of Veterans Affairs (VA) takes seriously our obligation to properly safeguard personal information. During a limited period of time Wednesday evening, as part of a process to improve software supporting the joint…
‘Defect’ on VA benefits site shares vets’ personal details online
Barnini Chakraborty has an update on the Veterans Administration e-benefits website breach reported here recently: The VA issued a statement Friday afternoon acknowledging the “software defect.” “VA took immediate action upon discovering the software defect and shut the eBenefits system down in order to limit any problems,” the agency said. It also said that the…
Insecure healthcare.gov allowed hacker to access 70,000 records in 4 minutes
Darlene Storm reports: When it comes to the atrocious state of HealthCare.gov security, white hat hacker David Kennedy, CEO of TrustedSec, may feel like he’s beating his head against a stone wall. Kennedy said, “I don’t understand how we’re still discussing whether the website is insecure or not. It is; there’s no question about that.” He added,…