As a follow-up to a breach previously reported on this site, the Information Commissioner’s Office found that a private housing group breached the Data Protection Act by sending the personal data of 200 employees to the wrong email address. In March of this year, an employee of Spectrum Housing Group accidentally emailed a non-secure excel…
Category: Exposure
UK: 100 private documents accidentally published on police website
Martin Williams writes: Privacy breaches by the Metropolitan Police have left more than 100 documents online which contain confidential information. Names, email addresses and employment details are among the private data which can still be viewed on the Met’s website. Police publish all their responses to questions in an online disclosure log. But staff are routinely failing to…
UAE: Bank gaffe shows info of wealthy customers
Gregor Hunter reports: A bank blunder has revealed the personal email details of scores of HSBC’s high-income customers for the second time in two years. The security breach occurred after a mass email was sent on Sunday morning to 178 customers of HSBC Premier, the bank’s account level for high earners, advising them that it…
Dumfries and Galloway Council gets rap on the knuckles and undertaking for web exposure breach
From the Information Commissioner’s Office: Dumfries and Galloway Council breached the Data Protection Act by accidentally publishing a spreadsheet containing the names, salaries and dates of birth of nearly 900 current and former employees on their website, the Information Commissioner’s Office (ICO) said today. The personal information – which was mistakenly disclosed as part of…
SAISD website exposes students’ personal info (updated)
Lindsay Kastner reports: Confidential information about dozens of San Antonio Independent School District students was exposed on the Internet, apparently for months, and officials were scrambling Friday to repair the security breach. A Google search by a San Antonio Express-News reader who was checking out an unfamiliar phone number brought up the district’s “Potential Dropout…
AU: First State Superannuation fails to adequately secure online accounts, then threatens the security researcher?
First, let’s start with the breach, as reported by Darren Pauli on SC Magazine: A security researcher was questioned by NSW Police after quietly reporting a massive security gaffe to First State Superannuation that potentially exposed millions of customer accounts. Patrick Webster found he was able to access electronic superannuation notices of any customer by…