David Karas reports: Officials at The College of New Jersey this week reported an unintentional data breach in the On-Campus Student Employment System, an in-house system designed to store information about students applying for on-campus jobs. According to a notice sent to students and faculty Monday, a vulnerability in the system was identified Nov. 2…
Category: Exposure
Update: Lone Star Steakhouse settles complaint by Kansas AG; management firm pay $200,000 for improperly dumping employee records
Back in March, I covered a breach involving Lone Star Business Solutions. Now KWCH reports that as a result of their news coverage and a resulting investigation by the Attorney General Derek Schmidt, LS Management, the management firm for Lone Star Steakhouse, will pay a fine of $200,000 – the largest consumer protection fine ever…
United Nations: usernames, passwords, and e-mail addresses leaked on the Internet (update2)
The hacker who self-identifies as “TriCk – TeaMp0isoN” has posted a statement on Pastebin about the United Nations with a leak of some of their data. The hack was announced on Twitter by @_TeaMp0isoN about 9 hours ago. A prefactory statement to the data dump says: A Senate for Global Corruption, the United Nations sits to…
NZ: Kaeo Primary School privacy breach ‘an error’
Joseph Aldridge reports: The principal of a small Northland school who posted private student information online says it was done “in error” and he removed it from the school website as soon as he was informed. Kaeo Primary School’s Paul Barker said he mistakenly posted a “teachers only” version of student achievement information on the…
UK: Council files dumped in Telford bin
Confidential council files, some containing sensitive personal data, have been found dumped in a bin in Telford. Telford & Wrekin Council said an immediate investigation was launched after the documents – 58 in total – were found by a member of the public. Officers were today contacting all the people whose data was included to…
UK: ICO levies two monetary fines to councils for e-mail gaffes that exposed sensitive information
The The Information Commissioner’s Office (ICO) has served monetary penalties to North Somerset Council and Worcestershire County Council after staff at both authorities sent highly sensitive personal information to the wrong recipients. The news comes as the Information Commissioner is pressing for stronger powers to audit data protection compliance across local government and the NHS….