Bloomberg reports: BlackRock Inc., the world’s largest asset manager, inadvertently posted confidential information about thousands of financial adviser clients on its website. The data appeared in three spreadsheets, linked on one of the New York-based company’s web pages dedicated to its iShares exchange-traded funds. The documents included names and email addresses of financial advisers who buy…
Category: Of Note
Ca: Woman says childhood sexual trauma details leaked in privacy breach
Jack Julian reports on a truly horrific leak: A Dartmouth, N.S., woman whose personal information was exposed in the province’s worst-ever privacy breach says the experience has left her angry and hurt. “I felt violated,” the woman said. CBC News is shielding the woman’s identity because the files leaked by the province’s online freedom of information portal…
Monster 773 million-record breach list contains plaintext passwords
Dan Goodin reports: Have I Been Pwned, the breach notification service that serves as a bellwether for the security of login credentials, has just gotten its hands on its biggest data haul ever—a list that includes almost 773 million unique email addresses and 21 million unique passwords that were used to log in to third-party…
Over 140 International Airlines Affected by Major Security Breach
Sergiu Gatlan reports: Potential attackers could view and change private information in flight bookings made by millions of customers of major international airlines because of a security issue in the Amadeus online booking system found by Safety Detective’s Noam Rotem. Currently, the Amadeus ticket booking system is being used by 141 international airlines which gives…
DoD Health Agency Security Flaws Put Patient Data at Risk, OIG Finds
Jessica Davis reports: The Department of Defense Health Agency (DHA) failed to consistently implement security measures to protect the systems that stored, processed, and transmitted electronic health record and patient information, according to a DoD Office of Inspector General report released this week. The report found DHA and Army officials didn’t enforce the use of Common…
Massive Oklahoma Government Data Leak Exposes 7 Years of FBI Investigations
Thomas Brewster reports: Another day, another huge leak of government information. Last December, a whopping 3 terabytes of unprotected data from the Oklahoma Securities Commission was uncovered by Greg Pollock, a researcher with cybersecurity firm UpGuard. It amounted to millions of files, many on sensitive FBI investigations, all of which were left wide open on…