This is the story of how mapping and analysis of an open elastic search led to the discovery of a misconfigured Amazon s3 bucket that exposed data from hundreds of thousands of dental patients. If you live in Brazil, you may already be experiencing breach fatigue from having had so much of your personal and…
Category: Subcontractor
CenturyLinks’ suffers data leak due to vendor error
Tim Sandle reports: CenturyLink has reported that a customer information database of 2.8 million records was found exposed. The database was affiliated with a third-party notification platform and has been exposed for 10 months. With the CenturyLink issue, the personal information of hundreds of thousands on CenturyLink customers, including name, addresses, email addresses, and phone…
Geisinger Health Plan Notifies Members About Business Associate Phishing Attack at Magellan NIA
HIPAA Journal reports: HIPAA Danville, PA-based Geisinger Health Plan has discovered the protected health information (PHI) of some of its members has been exposed as a result of a suspected phishing attack on one of its business associates, Magellan NIA. Magellan NIA provides radiology benefits management services to the health plan, which requires access to…
AU: Tech start-up apologizes to students after potential data breach
Bianka Farmakis reports: Online events promotions company Get has apologised for potentially exposing the names, phone numbers and email addresses of up to 50,000 Australian university students in a data breach. Read more on 9News.
Montgomery County Public Schools forces password reset after Naviance hacked
Update: It was a Maryland student who did it. Brad Shear forwarded a notice he received yesterday concerning a breach impacting students of the Montgomery County Public School District. The cover email, from Luana Zimmerman of college career service Naviance began: Due to a recent data security incident in Naviance that affected one of our…
LA: Magnolia Pediatrics notifying patients after attack on IT vendor resulted in ransomware infection
Ellyn Couvillion reports: A pediatrics practice in Prairieville is working with the FBI and has notified its patients’ families of a ransomware virus that in August attacked the computer network of the information technology company that provides IT services for the clinic. Read more on The Advocate.