The following press release concerns breaches that occurred five years ago. NEWARK – Acting Attorney General Andrew J. Bruck and the Division of Consumer Affairs today announced that two printing companies have agreed to pay $130,000 in penalties and to implement new security policies to resolve allegations they violated the New Jersey Consumer Fraud Act (CFA)…
Category: Exposure
Boat biz breaches itself: Brittany Ferries ‘fesses up to leaks caused by routine website update
Paul Kunert reports: It’s never good when a boat operator talks of a breach, even if in this case it’s a figurative one. Brittany Ferries has told some customers that an unforeseen technical glitch introduced after “routine” website maintenance had left their accounts wide open, potentially exposing very sensitive details to anyone who knew the…
Activists leak 600 hours of mostly Dallas police helicopter footage after city’s 22 terabyte loss of criminal case data
David Lee reports: Data transparency activists released a massive 600-hour leak of mostly Dallas Police Department helicopter footage, raising more questions about the city’s data security protocols three months after DPD admitted to a 22-terabyte deletion of case data that resulted in the release of criminal defendants awaiting trial. Distributed Denial of Secrets — a…
Human error blamed for Eastern Ontario school board data breach
Shawna O’Neill reports: Last Saturday evening, an email with a link to private information was sent from the Catholic District School Board of Eastern Ontario to parents and guardians of St. Joseph Catholic Secondary School students. This email is said to have included a link to a document with personal information about hundreds of students…
Private proof-of-vaccine app Portpass continues to expose personal data even after relaunch and updates
Robson Fletcher reports: Personal information belonging to more than 17,000 users of the private proof-of-vaccination app Portpass is still unsecured and visible online — including, in some cases, photos of drivers’ licences and passports — despite assurances from the company that its data-security problems have been fixed. The Calgary-based smartphone app was temporarily taken offline in late September…
Over 400,000 German Students Data Leaked by a Flawed API
Manikanta Immann reports: Scoolio is a german app for students, used mainly for educational updates, record keeping, and networking. After informing the flaw to Scoolio’s developer, a fix was released this week to patch the bug. […] In September, a security researcher named Lilith Wittmann of Zerforchung firm has discovered a flawed API in Scoolio, through which she was able…