Joe Patrice reports: Law firms must always be supremely cautious with private information, but you can’t help but think a firm would add that little extra attention to the task when their client has already been sued for a data breach. Not only would another leak damage the client’s reputation further, you already know that…
Category: Exposure
Zocdoc says ‘programming errors’ exposed access to patients’ data
Zack Whittaker reports: Zocdoc says it has fixed a bug that allowed current and former staff at doctor’s offices and dental practices to access patient data because their user accounts weren’t properly decommissioned. The New York-based company revealed the issue in a letter to the California attorney general’s office, which requires companies with more than 500 residents…
Riagg files of thousands of patients open and exposed in a basement
The this post uses machine translation of a report in Dutch. It concerns the discovery of patient files on CDs found unsecured in the basement of a building that, until 2015, was a former mental health institution — the Riagg Rijnmond Foundation. Rutger de QuayRik Wassens report that the young man who found the files…
NY: EMT posted patient’s confidential info from ambulance, alleges lawsuit
The Staten Island Advance reports: Thanksgiving 2019 is a day one Stapleton resident will never forget. But for all the wrong reasons. An emergency medical technician posted Jermaine Williams’ confidential medical information and cell-phone number online that night without his consent, a lawsuit alleges. And others saw it, William’s lawyer said. At the time, Williams…
Data of 100+ million Android users exposed via misconfigured cloud services
Ionut Ilascu reports: Security researchers discovered that personal data of more than 100 million Android users has been exposed due to various misconfigurations of cloud services. The data was found in unprotected real-time databases used by 23 apps with download counts ranging from 10,000 to 10 million and also includes internal developer resources. Read more…
Recruiter’s Cloud Snafu Exposes 20,000 CVs and ID Documents
Phil Muncaster reports: Tens of thousands of jobseekers have had their personal information exposed by a misconfigured cloud account, according to researchers. A team at Website Planet discovered the AWS S3 bucket left unprotected and unsecured by FastTrack Reflex Recruitment, now TeamBMS. The firm apparently specializes in recruitment for the building management systems sector, for projects including skyscrapers…