Patrick Boehler of the South China Morning Post reports: Hackers in China have leaked a database of an estimated 20 million hotel reservations on multiple websites and even WeChat, the wildly popular messaging service, reflecting failed government efforts to prevent massive leaks of personal data. Online security watchdog WooYun said in September that hackers had…
Category: Exposure
National American University students’ financial information exposed, but what laws protect them?
Joe O’Sullivan reports: When National American University moved from one Rapid City campus to a new location earlier this year, the school or a contractor appears to have improperly disposed of thousands of sensitive student financial records that included names, addresses, loan numbers and Social Security numbers, according to documents reviewed by the Rapid City…
NZ: Bank’s embarrassing privacy breach
Rob Kidd reports: ANZ has been left red-faced over a major privacy breach after it inadvertently sent bank statements for customers’ accounts containing hundreds of thousands of dollars to a two-year old boy. The bank botch saw Whangarei toddler Joel Morrison sent a pile of other people’s account statements, all of which contained considerably more…
Witchery pulls mobile site after customer details exposed
Sarah Michael reports: Witchery has shut down its mobile website after it was hit with a security breach that exposed customers’ personal details and orders. A glitch in the “track my order” function for online shopping opens personal details pages of other customers, and even allows them to edit the information. It also allows them…
Chicago Public Schools’ students’ health data accidentally posted online
Backy Schlikerman reports: A small amount of Chicago Public Schools’ students’ health data was accidentally posted online, but the issue is fixed, the city of Chicago announced Friday. Data collected about some 2,000 student who participate in a free vision examination program provided by the city was “incorrectly configured” and was available on the Internet,…
UK: An undertaking serves as a reminder that all employees need to be trained on data protection
The Information Commissioner’s Office (ICO) notes that an Undertaking has been signed by the Royal Borough of Windsor & Maidenhead, following an incident in which restricted information about 257 employees was disclosed on its intranet in error. The incident occurred in January of 2013 when a spreadsheet with details on employees who had not signed…