Bret Kelman reports: For nine months, the confidential data just sat there, where hundreds of employees could reach it. The identities of thousands of Tennesseans with HIV or AIDS, both living and dead, were listed in a computer database kept on a server accessible to the entire staff of the Nashville Metro Public Health Department. But…
Category: Government Sector
A dumb security flaw let a hacker download US drone secrets
Matt Burgess reports: A hacker used a basic security vulnerability to access highly sensitive files relating to the US military’s spy drones and tanks, new research claims. Security firm Recorded Future says it discovered a criminal attempting to sell the secret information for only a few hundred dollars on a dark web forum last month….
DOJ backtracks on linking OPM hack to loan fraud case
From the not-surprised dept.: I had suggested previously that claims that data used in identity theft came from the OPM hack were not very convincing. Now the government has walked back any claim that the data did come from the OPM hack. Mark Rockwell reports: The Justice Department said it jumped the gun with a…
Only researchers accessed the exposed 211 call logs – Los Angeles County
There is a follow-up to an incident involving exposed Los Angeles County 211 call logs. The misconfiguration had been discovered by UpGuard and was reported in May. Now the County has submitted its report to the California Attorney General’s Office. It states, in part: Our investigation determined that the incident was caused by an employee…
NZ: Privacy breach at Disputes Tribunal
Ugh. Shane Cowlishaw reports: A sensitive case file that was misplaced at a Night and Day convenience store left a woman “understandably upset” after it was sent to the man she was locked in a dispute with. Shane Cowlishaw reports. Details of the privacy breach were revealed in a briefing to Justice Minister Andrew Little,…
WI: Manitowoc County data breach affected personal health, medical information
Alisa M. Shafer reports: Manitowoc County officials have released more information about a data breach of a Manitowoc County email account in January. The press release from June 22 states: “On or around January 14, 2018, an unauthorized party was able to gain access to a Manitowoc County email account most likely through what is called…