Category: Exposure

AU: Privacy Commissioner finds Act breached by super fund

Posted on by Dissent

ABC (AU) reports an update on a situation previously mentioned on this blog where simple url manipulation exposed information: A superannuation company that allowed the private details of its customers to be leaked online has been found to have breached the Privacy Act. In September last year, a flaw was discovered in First State Super’s computer systems,…

Read more

TN: Personal Records Found in Dumpster

Posted on by Dissent

Some breaches make me want to curse. This news report out of Sevierville, Sevier County in Tennessee makes me want to yell, “When the hell are businesses going to start getting fined for just dumping unshredded files with PII?” … Kim Pierce runs a video store in Sevierville and was shocked at what she found…

Read more

University of Virginia gaffe exposes student applications with Social Security Numbers

Posted on by Dissent

Ted Strong reports: Roughly 300 transcripts, some containing complete Social Security numbers, were accessible through a University of Virginia website on Tuesday morning due to an as-yet unspecified human error, university officials have confirmed. The incident came to light when a student conducting a Google search for an image of himself found his transcript online….

Read more

TalkTalk subsidiary’s customer data placed on the web in IIS whoopsie (updated with response from TalkTalk)

Posted on by Dissent

Bill Ray reports: Updated Greystone Telecom, adopted child of TalkTalk and provider of telecommunications to the business community, is unwittingly sharing customer and contract details with the world: but TalkTalk doesn’t care. The details include customer and contract prices, copies of sales orders and spreadsheets showing how things are going at the subsidiary which TalkTalk…

Read more