Shawna O’Neill reports: Last Saturday evening, an email with a link to private information was sent from the Catholic District School Board of Eastern Ontario to parents and guardians of St. Joseph Catholic Secondary School students. This email is said to have included a link to a document with personal information about hundreds of students…
Category: Exposure
Private proof-of-vaccine app Portpass continues to expose personal data even after relaunch and updates
Robson Fletcher reports: Personal information belonging to more than 17,000 users of the private proof-of-vaccination app Portpass is still unsecured and visible online — including, in some cases, photos of drivers’ licences and passports — despite assurances from the company that its data-security problems have been fixed. The Calgary-based smartphone app was temporarily taken offline in late September…
Over 400,000 German Students Data Leaked by a Flawed API
Manikanta Immann reports: Scoolio is a german app for students, used mainly for educational updates, record keeping, and networking. After informing the flaw to Scoolio’s developer, a fix was released this week to patch the bug. […] In September, a security researcher named Lilith Wittmann of Zerforchung firm has discovered a flawed API in Scoolio, through which she was able…
Government data breach exposes Afghans to more danger
Evan Dyer reports: The names of several hundred vulnerable Afghans seeking refuge from the Taliban were recently leaked in emails sent in error by Immigration, Refugees and Citizenship Canada (IRCC), CBC News has learned. The Afghans in question fear reprisals from the Taliban, who took over the country in August. Some are in hiding because…
Data breach leads to £10k fine for Scottish charity
Graham Martin reports: A prominent Scottish charity has been fined £10,000 for a data protection breach. The action was taken after HIV Scotland sent out an email containing the personal details of dozens of people. The breach involved an email to 105 people, including patient advocates representing people living in Scotland with HIV. Read more…
Ohio State University email gaffe creates a FERPA breach
An email gaffe due to not using bcc: instead of cc: or TO: revealed almost 400 Ohio State University students’ disability status to other students. Read the story on The Lantern. Note that this is a FERPA issue, and there really is no requirement for breach notification to those impacted, but the unintended disclosure needs…