For lo, these many years, DataBreaches.net has been reminding everyone that not all leaks or breaches involving medical or sensitive personal health information are covered by HIPAA. Today’s story is a reminder of that. vpnMentor recently contacted DataBreaches.net about a leak their research team, led by Noam Rotem and Ran Locar, had discovered. The leak…
Category: Exposure
620 applicants file joint case against IT firm which exposed voter data
Here’s a follow-up to a data leak incident that may have escaped our attention as the pandemic was absorbing a lot of attention and the news cycle in April: More than 620 claimants have come together to file a joint lawsuit against an IT firm which exposed personal data of more than 337,000 voters in…
HI: Potential data breach exposed in state’s travel exemption request system
HNN Staff report: The state is investigating a potential breach of data within one of their systems tied to the Attorney General’s office. Nearly 150 individuals who applied for a travel exemption through the state Attorney General’s website were notified Friday about the potential breach. It impacts applicants between Sept. 18 and Sept. 21. Read…
A prison video visitation service exposed private calls between inmates and their attorneys
Zack Whittaker reports: Fearing the spread of coronavirus, jails and prisons remain on lockdown. Visitors are unable to see their loved ones serving time, forcing friends and families to use prohibitively expensive video visitation services that often don’t work. But now the security and privacy of these systems are under scrutiny after one St Louis-based prison video visitation provider…
Dr Lal PathLabs, one of India’s largest blood test labs, exposed patient data
Zack Whittaker and Manish Singh report: Dr Lal PathLabs, one of the largest lab testing companies in India, left a huge cache of patient data on a public server for months, TechCrunch has learned. The lab testing giant, headquartered in New Delhi, serves some 70,000 patients a day, and quickly became a major player in testing…
0x00sec – Security Incident Notification – September 30th 2020
Dear 0x00sec Users, We are writing to you with important information regarding a recent security incident involving your personal information from https://0x00sec.org 12. We became aware of the incident September 7th, 2020, when a security researcher from Thug Crowd privately disclosed to us that our S3 bucket containing database backups was publicly accessible. The S3 bucket was…