Bob Diachenko reports that he found an unprotected and publicly available Elasticsearch cluster containing what appears to be 3,427,396 records of Panamanian citizens. According to Diachenko, each record in tables labeled “patient” contained the following info: full name date of birth national ID number (cedula) medical insurance number (poliza seguro medico) phone email address other…
Category: Non-U.S.
Charnwood Borough Council data breach sees residents’ personal details published online
Dan Martin reports: A council has apologised after publishing residents’ personal details online by mistake. Officials at Charnwood Borough Council failed to remove from a document names, addresses, phone numbers and email addresses of people who responded to a survey on levels of council tax to be levied on empty homes before uploading it to…
Violation of Nigerian data protection law attracts N2m fine, others
Ife Ogunfuwa reports: Nigerians and businesses’ risk losing N2m [USD $5,556.00] or more to the government for violating the Nigeria Data Protection Regulation 2019. The National Information Technology Development Agency made this known on Wednesday in a public notice signed by the Director-General/Chief Executive Officer, NITDA, Dr Isa Patanmi. […] [Pantanmi] said the penalty for…
UK: More than 2,000 motorists had private info exposed by DVLA after driving licences and passports were sent to the WRONG addresses
Dan Elsom reports: MORE than 2,000 drivers had confidential details exposed by the Driver and Vehicle Licensing Agency after important documents were sent to the wrong addresses. The DVLA reported 439 data breaches over a 10-month period, according to a BBC Freedom of Information investigation. Read more on The Sun.
SNP faces fines for data protection breach after election mailing error
Severin Carrell reports: The Scottish National Party faces being fined for a breach of data protection laws after sending out tens of thousands of European election mailings to the wrong addresses. The Information Commissioner’s Office confirmed on Friday morning that the SNP had referred itself for investigation after voters across Scotland received letters addressed to…
Database With Millions of Indian Personal Records Exposed and Hijacked
Bob Diachenko writes: On May 1st, I have discovered an unprotected and publicly indexed MongoDB database which contained 275,265,298 records with personal identifiable information (PII) on Indian citizens, including the following fields: Name Email Gender Education level and area of speciazliation Professional skills / functional area Mobile phone number Employment history and current employer Date of…