Jessica Masulli Reyes reports that Vernon Township in New Jersey is suing the recipients of an inadequately redacted email attachment with town employees’ Social Security numbers. They are also reportedly suing the newspaper that published a story about the breach. Riiiiight…. Reyes writes: The lawsuit, filed by Kevin Kelly in state Superior Court in Newton…
Category: Exposure
Xbox Entertainment Awards blighted by security breach
Ben Parfitt reports: Microsoft has this morning been hit by a security breach of its Xbox Entertainment Awards 2013 service. MCV was contacted by a reader with a link to a page that appeared to list all those who had voted and therefore been entered into the prize draw. The data included names, gamertags, emails…
General Services Administration discloses vulnerability; starts notifying those potentially affected
When I first saw reference to this vulnerability report, I thought it was a non-U.S. situation. But then I realized it was our government. Oops! Posted on the GSA’s web site, yesterday: System for Award Management Security Vulnerability SAM SECURITY ISSUE March 2013 Recently, U.S. GSA officials identified a security vulnerability in the System for…
FL: Jacksonville intranet breach exposed employees’ Social Security numbers
Fox30 reports from Jacksonville, Florida: A confidential document containing the social security numbers of every city employee hired after 2005, was found on an internal website. A city worker found the document and forwarded it on public officials. According to a letter sent to city council members, the employee was placed on paid administrative leave…
Interesting Bank of America data leak (updated)
Michael Kelley and Geoffrey Ingersoll report: Anonymous hackers have released 14 gigabytes of information allegedly related to Bank of America and a web intelligence firm it hired to spy on hackers and social activists last year. Emails detail how employees of TEKSystems actively watched hacker forums and social media sites for anyremotely relevant pieces of “intelligence.” Read more on Business Insider. Cyber War…
Is Kively.com revealing user info?
On February 7, a site reader alerted me to a possible problem over on Kively.com: Look at the description directory – it reveals all the PII when there is some in the descriptor. After looking at the description directory, I found myself wondering about whether some of the entries were, in fact, disclosing some PII. Instead…