Bob Diachenko writes: On Feb 19, 2019, I have discovered a MongoDB that required no password. The database was located in an India region which (along with other data) also contained highly sensitive information collected on 458,388 individuals located in Delhi. A 4.1GB-sized database had been indexed by Shodan and was left unattended for public…
Category: Government Sector
IRS employee charged with unlawful disclosure of SARs: Analyst Provided Information to a Los Angeles Attorney and a New York Reporter
SAN FRANCISCO – A federal criminal complaint, filed on February 4, 2019, was unsealed in San Francisco today, charging John C. Fry with unlawful disclosure of Suspicious Activity Reports, announced United States Attorney David L. Anderson and United States Department of the Treasury, Treasury Inspector General for Tax Administration (TIGTA), Special Agent in Charge Rod…
PA: Malware breach strikes Chester County computers
Michael P. Rellahan reports: A breach of Chester County government’s computer system via an internet bug led to intense work by county computer specialists over the Presidents Day weekend, but apparently has not led to any compromise of users’ information, a county spokesperson said Tuesday. Chester County’s Department of Computing and Information Services (DCIS) detected…
India’s state gas company leaks millions of Aadhaar numbers
Zack Whittaker reports: Another security lapse has exposed millions of Aadhaar numbers. This time, India’s state-owned gas company Indane left exposed a part of its website for dealers and distributors, even though it’s only supposed to be accessible with a valid username and password. But the part of the site was indexed in Google, allowing…
Personal info exposed after State of Ohio sends wrong tax forms to 9,000 people
Sarah Wynn reports: The Ohio Department of Commerce says thousands of letters were sent by the state to those who qualify for unclaimed funds, but the letters were sent to the wrong people. The letters include personal information, including names and social security numbers, according to the state. “Due to a processing error, approximately 9,000…
Potential privacy lapse found in Americans’ 2010 census data
Seth Borenstein of AP reports: An internal team at the Census Bureau found that basic personal information collected from more than 100 million Americans during the 2010 head count could be reconstructed from obscured data, but with lots of mistakes, a top agency official disclosed Saturday. The age, gender, location, race and ethnicity for 138…