Jay Willett reports: COVID-19 vaccination clinics scheduled on Northeastern University’s Boston campus have been cancelled following the discovery of registrants’ personal information being exposed by Pelmeds, a third-party vaccine provider. In a statement shared with WBZ NewsRadio, Northeastern said that the information was present on Pelmeds’ website. “As soon as the university became aware of…
Category: Exposure
LINE Pay leaks data from approximately 133,000 users to GitHub of all places
Sunaina reports: LINE Pay, a smartphone payment provider, announced yesterday that between September and November of this year, approximately 133,000 users’ payment details were inadvertently published on GitHub. A research group employee accidentally uploaded files detailing participants in a LINE Pay promotional programme staged between late December 2020 and April 2021 to the collaborative coding…
Tulane University crime data breach exposes health records, sexual assault victims’ names
Missy Wilkinson Reports: Health records and names of people who visited Tulane University Medical Center’s emergency department, including for attempted suicide. Graphic information about sexual assaults and the identities of the victims, witnesses and suspects. All this and other sensitive information protected under federal privacy laws was visible to anyone with a Tulane email address…
Sensitive information of 30k Florida healthcare workers exposed in unprotected database
Jonathan Greig reports: More than 30,000 US healthcare workers’ personal information was recently exposed due to a non-password protected database, according to security researcher Jeremiah Fowler and a team of ethical hackers with Website Planet. Fowler discovered a database run by Gale Healthcare Solutions with 170,239 exposed records that included names, emails, home addresses, photos and in some…
Oops! County explains how driver’s licenses were posted in place of animal adoption photos
Jakob Emerson reports: Sangamon County Animal Control (SCAC) is embroiled in a community controversy once again. SCAC is responsible for the sharing of uncensored photos of Illinois driver’s licenses to the internet in the place of photos of animals available for adoption at the facility. Anyone in the world with an internet connection could see photos, names,…
Kentucky Energy and Environment Cabinet announces data security breach
Seth Austin reports: The Kentucky Energy and Environment Cabinet (EEC) announced they discovered a data security breach on September 8, 2021. According to EEC, unredacted mining permit applications containing some mine owners’ and controllers’ personal information was available for public inspection at Department of Natural Resources’ field offices and on an EEC hosted website. Internal…