WCIA reports: The Illinois Housing Development Authority issued a statement today addressing a security breach of its rental payment web portal last week. The IHDA became aware of the breach on Feb. 1. when some tenant applicants were able to see documents submitted by other applicants. The IHDA immediately took the portal offline and blocked…
Category: Exposure
UK: Data breach as Corby vaccine trial participants’ details inadvertently shared in email gaffe
Sam Wildman reports: A Corby medical research team has apologised after those taking part in the town’s Covid vaccine trial inadvertently had their details shared. Lakeside Healthcare Research has been running a trial of a new Valneva vaccine since last year, with Corby being one of 27 UK study sites. Read more at Northamptonshire Telegraph
Security issue may have made some personal information vulnerable on WSDOT system
OLYMPIA – A vulnerability involving a Washington State Department of Transportation system may have exposed personal information stored in an internal database of about 2,200 people, and the agency is reaching out to help notify them of the incident. It is not known if anyone obtained the information for illegal use, and the vulnerability within…
Securitas misconfiguration exposed airport employee info
From SafetyDetectives: The SafetyDetectives cybersecurity team discovered a critical data leak affecting the prominent multinational security company, Securitas…. One of the company’s Amazon S3 buckets was left open, exposing over 1 million files. The data we observed related to airport employees from different sites across Colombia and Peru, and there could be entities from other nations with…
Messages and user data from secret sharing app Whisper exposed online (again): report
Bob Diachenko reports: Two databases containing user information and messages ostensibly from the secret sharing app Whisper were exposed on the web without a password or any other authentication required to access them, according to Comparitech researchers. One of the databases appears similar to a Whisper database leaked in March 2020, which contained user’s messages…
UK: Data breach at Greensward Academy
Lewis Berrill reports: SENSITIVE information about pupils was leaked to parents and students following a data breach at a secondary school. Information such as free school meal status, address, deprivation status, exam dispensation and special educational needs of Year 11 children at Greeensward Academy in Hockley was accidentally leaked by a teacher. The information was…