When I first saw reference to this vulnerability report, I thought it was a non-U.S. situation. But then I realized it was our government. Oops! Posted on the GSA’s web site, yesterday: System for Award Management Security Vulnerability SAM SECURITY ISSUE March 2013 Recently, U.S. GSA officials identified a security vulnerability in the System for…
Category: Exposure
FL: Jacksonville intranet breach exposed employees’ Social Security numbers
Fox30 reports from Jacksonville, Florida: A confidential document containing the social security numbers of every city employee hired after 2005, was found on an internal website. A city worker found the document and forwarded it on public officials. According to a letter sent to city council members, the employee was placed on paid administrative leave…
Interesting Bank of America data leak (updated)
Michael Kelley and Geoffrey Ingersoll report: Anonymous hackers have released 14 gigabytes of information allegedly related to Bank of America and a web intelligence firm it hired to spy on hackers and social activists last year. Emails detail how employees of TEKSystems actively watched hacker forums and social media sites for anyremotely relevant pieces of “intelligence.” Read more on Business Insider. Cyber War…
Is Kively.com revealing user info?
On February 7, a site reader alerted me to a possible problem over on Kively.com: Look at the description directory – it reveals all the PII when there is some in the descriptor. After looking at the description directory, I found myself wondering about whether some of the entries were, in fact, disclosing some PII. Instead…
Antioch district working to fix inadvertent disclosure of employee data
Paul Burgarino reports: District officials have been working to fix an inadvertent disclosure of some personal employee information that spread last week via email. While a former Antioch Unified employee was trying to pass on information about a replacement’s responsibilities at the end of the workday Jan. 18, the employee attached a file to an…
Cheyney University notifies students after e-mail attachment gaffe
The Associated Press reports that 2,100 current and former students at Cheyney University of Pennsylvania have been sent letters after an administrative e-mail sent to all students yesterday erroneously contained an attached file with their names, addresses, and Social Security numbers.