Sara Morrison reports: If you got a Covid-19 test at Walgreens, your personal data — including your name, date of birth, gender identity, phone number, address, and email — was left on the open web for potentially anyone to see and for the multiple ad trackers on Walgreens’ site to collect. In some cases, even…
Category: Exposure
Ottawa Hospital apologizes to unvaccinated staff for privacy breach
CBC reports: The Ottawa Hospital has apologized to unvaccinated staff after an email was sent out offering a vaccine education session with each recipient’s name visible to others. The email was sent from one of the hospital’s software systems and recalled immediately, the hospital said in a statement emailed to CBC, adding all copies of the email…
Fitness Tracker Data Exposed 61 Million Records and User Data Online
Jeremiah Fowler writes: On June 30th, 2021 the WebsitePlanet research team in cooperation with Security Researcher Jeremiah Fowler discovered a non-password protected database that contained over 61 million records belonging to users around the world. The massive amount of exposed records were related to IOT health and fitness tracking devices. Upon further investigation there were multiple references…
McDonald’s email blunder broadcasts database creds to comedy competition winners
Gareth Corfield reports: McDonald’s customers who won a prize draw competition got more than they hoped for after the burger chain emailed them login credentials for development and production databases used to power the campaign. The first person to report the blunder to McDonald’s, startup founder Connor Greig, told The Register: “It’s a bit weird,” adding…
SANSA breach: International hacker group claims responsibility for Space Agency leak
Storm Simpson reports: A new internet hacking group has claimed responsibility for a data breach at the South African National Space Agency (SANSA). The group, CoomingProject, emerged recently and according to claims made on its website, it has a list of victims across the world. Read more on The South African. SANSA confirmed the breach…
Texas Right to Life website exposed job applicants’ resumes
Zack Whittaker reports: Anti-abortion group Texas Right to Life exposed the personal information of hundreds of job applicants after a website bug allowed anyone to access their resumes, which were stored in an unprotected directory on its website. A security researcher told TechCrunch that the group’s main website, built largely in WordPress, was not properly…