Jeremy Kirk reports: An Australian teenager who notified a public transport agency of a serious database flaw is under police investigation. Joshua Rogers, 16, of Melbourne, found a SQL injection flaw in a database owned by Public Transport Victoria (PTV), which runs the state’s transport system. The flaw allowed access to a database containing 600,000…
Category: Government Sector
ZA: Hacker reveals e-toll website security flaw
Jan Vermeulen reports that a hacker has reported a vulnerability in the SANRAL website that exposes user information: This is due to a page on the South African National Roads Agency Limited (Sanral) website which can be exploited to expose the PIN of any registered e-toll website user. The page is intended to be used…
Acting Medicaid Director Releases Information on the Incorrect Mailing of Medicaid Cards
Raleigh, N.C. – Today, Department of Health and Human Services Acting Medicaid Director Sandra Terrell released the following information regarding the incorrect mailing of 48,752 Medicaid cards to the wrong addresses: After a review of the incident, it has been determined that some Medicaid cards were incorrectly sent because of human error in computer programming and…
Social Security Customer Service Employee Indicted For Stealing Information And Money From Agency
BIRMINGHAM — December 27. A federal grand jury today indicted a Social Security Administration telephone service center employee for using his position to steal identifying information and benefits from Social Security beneficiaries, announced U.S. Attorney Joyce White Vance and Social Security Administration, Office of Inspector General, Special Agent in Charge Guy Fallen. A 14-count indictment filed…
South Carolina Health Insurance Pool reports breach after laptop stolen from independent auditor’s car (Update1)
Just what South Carolina needed – another agency breach. Chris Meller writes: … the South Carolina Health Insurance Pool has begun notifying current and previous subscribers that their information has been leaked again. According to a letter dated December 18th a laptop owned by DeLoach & Williamson, an independent auditor contracted by SCHIP, was stolen from an employee’s car on October 16, 2013….
WA: Sumner fires temporary court clerk for sending herself city data on 3,600 people
Eager new employee or something nefarious? Hopefully, the former, but in any event, this breach was detected. Kari Plog reports: The city of Sumner has fired a temporary employee after she sent information about 3,600 people, mostly residents, to her personal email. City spokeswoman Carmen Palmer told The News Tribune on Friday that an investigation…