Julien Gignac reports: Roughly 400 Yukon government employees may have been affected by a recent privacy breach, according to a spokesperson at the Department of Finance. […] According to a government-issued notice obtained by CBC, a problem occurred during the processing of T4 and T4A slips that may have caused information such as Social Insurance…
Category: Exposure
MN: RCTC students birthdates released in data breach
Erich Fisher reports that Rochester Community Technical College discovered it had twice made errors in responding to semi-annual public records requests from LexisNexis: A data breach at Rochester Community Technical College was identified and remedied on March 31 after it was discovered that a third-party company had received the birthdates of 5,392 students. No other…
Peloton’s leaky API let anyone grab rider’s private account data
Zack Whittaker reports: Halfway through my Monday afternoon workout last week, I got a message from a security researcher with a screenshot of my Peloton account data. My Peloton profile is set to private and my friend’s list is deliberately zero, so nobody can view my profile, age, city, or workout history. But a bug allowed…
Ph: 345,000 sensitive legal documents from the PH government have been exposed online
Vittoria Elliott reports: For at least two months, some 345,000 sensitive court documents from the Office of the Solicitor General of the Philippines related to ongoing legal cases were made publicly available online and could have been accessed by anyone who knew where to look, according to the UK security company TurgenSec, which identified the data…
GitHub Leaks: Lessons Learned
Marianne Kolbasuk McGee reports: Recent incidents involving inadvertent exposure of patient data on GitHub, a software development and version control platform designed for collaboration, point to the need to ensure that data loss prevention tools are implemented, available security controls are leveraged and employees are made aware of the risks involved in using internet-facing platforms….
Contact tracing data breach exposes health information of 72,000 Pennsylvanians
Rachel Yonkunas reports: Multiple investigations are underway after a contact tracing data breach exposed personal health information of 72,000 Pennsylvanians. The unsecured information was collected by employees of Insight Global—the company paid around $30 million in taxpayer money to perform contact tracing in the state. “You could see people’s phone numbers, how many kids they…