Catalin Cimpanu reports: Hackers have breached the systems of 62 colleges and universities by exploiting a vulnerability in an enterprise resource planning (ERP) web app, the US Department of Education said in a security alert sent out this week. The vulnerability is in Ellucian Banner Web Tailor, a module of the Ellucian Banner ERP that…
Category: Other
Google Data Breach Faces Review by Irish Privacy Watchdog
Stephanie Bodoni reports: Google faces a possible investigation by Irish data privacy regulators related to reports that contractors had been able to listen to audio of users of its digital assistant technology. The Irish Data Protection Commission received a breach notification from the company late Thursday, said Graham Doyle, the agency’s spokesman. Google reacted in…
WeTransfer Security Incident Sent Files to the Wrong People
Lawrence Abrams reports: In an embarrassing security incident, the WeTransfer file sharing service announced that for two days it was sending it’s users shared files to the wrong people. As this service is used to transfer what are considered private, and potentially sensitive files, this could be a big privacy issue for affected users. Starting…
IT error deletes Creighton pharmacy patient records, including prescription, insurance info
Julie Anderson reports: An IT error resulted in the deletion of patient records Tuesday from the Creighton University Campus Pharmacy at 2412 Cuming St. The lost data includes prescription and refill history and insurance information for all customers. A count of customers wasn’t immediately available, but the pharmacy filled 50,000 prescriptions in 2017. The incident…
Now THIS is painful: PainMD tells bankruptcy court it lost access to its own patients’ records
OK, I don’t think I’ve ever seen a breach report quite like this one, so grab your favorite beverage and read what Brett Kelman reports on a company that ran into trouble with regulators and then filed for bankruptcy…. and in the process, managed to lose access to all their patients’ stored records because the…
U.S. finds American guilty in Singapore HIV data leak case
Reuters reports: A U.S. citizen who leaked the names of more than 14,000 HIV-positive people in Singapore has been found guilty by a U.S. court of illegally transferring personal data and threatening the Singapore government, court filings show. Read more on Reuters.