NL Times reports: Due to a major leak at the coronavirus testing company Testcoronanu, it was possible for anyone to create their own Covid vaccination or test certificate, RTL Nieuws reported on Sunday. Additionally, private details from about 60 thousand people who took a coronavirus test at this company had been leaked. The company is…
Category: Exposure
Ca: Revelstoke Mountaineer white-hat notification of data security issues causes City of Revelstoke to disable emergency notification system
Aaron Orlando reports: The City of Revelstoke has disabled its emergency notification system after revelstokemountaineer.com notified the city of data security issues with the system. The city’s opt-in emergency alert system sends emails or text messages to subscribers. The system notifies subscribers on a range of city communications, including emergency communications. Read more on revelstokemountaineer.com….
HHS warns entities; patients file potential class action lawsuit over PACS breach
HHS recently issued an alert about a known vulnerability allowing access to some picture archiving communications systems (PACS). The vulnerability had been reported two years ago, and again months later, and there had been updated alerts since then. HHS is advising entities to address this as a priority now if they have not done so…
UK: ICO fines transgender charity for data protection breach exposing sensitive personal data
Bigger companies may pay bigger fines, but smaller fines do not mean smaller impact when it comes to dealing with sensitive information, as in this case. The Information Commissioner’s Office (ICO) has fined transgender charity Mermaids £25,000 for failing to keep the personal data of its users secure. The ICO’s investigation began after it received a…
NZ: Whanganui DHB apologizes after vaccine privacy breach
Mike Tweed reports: Whanganui District Health Board has apologised for a privacy breach that accidentally disclosed the email addresses of about 200 people. The health board has been inviting people in Group 3 for their Covid-19 vaccine via text, letter and email, but last week an email was sent without the use of the blind…
Norwegian DPA: Moss Municipal Council fined
The Norwegian Data Protection Authority has imposed a EUR 50,000 (NOK 500,000) fine on Moss Municipal Council for failing to adequately protect personal data. The error has been corrected and the case closed. In connection with the amalgamation of the municipalities of Rygge and Moss in January 2020, efforts were made to combine the use…