Jan Vermeulen reports that a hacker has reported a vulnerability in the SANRAL website that exposes user information: This is due to a page on the South African National Roads Agency Limited (Sanral) website which can be exploited to expose the PIN of any registered e-toll website user. The page is intended to be used…
Category: Exposure
Acting Medicaid Director Releases Information on the Incorrect Mailing of Medicaid Cards
Raleigh, N.C. – Today, Department of Health and Human Services Acting Medicaid Director Sandra Terrell released the following information regarding the incorrect mailing of 48,752 Medicaid cards to the wrong addresses: After a review of the incident, it has been determined that some Medicaid cards were incorrectly sent because of human error in computer programming and…
Omniquad Surf Wall Remote injects string into the browser user agent that identifies users – claim
Back in October 2010, I noted a breach involving managed security services provider Omniquad. Omniquad acknowledged the breach that involved helpdesk tickets leaking online, but the firm’s managing director, Daniel Sobstel, subsequently claimed that Webroot reseller Infosec Technologies started contacting his customers and passing on misleading information about the size of the data breach. Now…
Irish credit union gaffe exposed almost 5,000 customers’ loan information online
Ah, this report from December 24th slipped by me. Cormac Murphy reports: In a major blunder, the borrowing amounts, loan durations and arrears of 4,971 members of Tullamore Credit Union were made public. The private database became freely available via the lender’s website last week and remained accessible for at least two days, it is…
Washington Dept. Social & Health Services sends sensitive info to wrong addresses
Christine Claridge reports: The personal information of up to 7,000 households receiving assistance from the state Department of Social and Health Services (DSHS) was sent in error to incorrect or old addresses, according the state Economic Services Administration (ESA). The administration confirmed in a news statement released Thursday that the private information of at least…
NZAF apologises for email privacy error
The New Zealand AIDS Foundation has apologised after it accidentally shared members’ email addresses in its Christmas e-cards. “The New Zealand AIDS Foundation (NZAF) genuinely regrets that we made a human error when sending out our Christmas e-cards and mistakenly disclosed our member’s email addresses by failing to BCC all the recipients,” Executive Director Shaun…