AP reports that Vermont settled with a subcontractor for its Health Connect service after a breach in which the subcontractor didn’t – and possibly would never have – notified anyone about a breach they had been alerted to: Vermont’s attorney general says a technology company will pay a $264,000 fine for a data breach that…
Category: Subcontractor
Thousands of Security Firm Job Applications Citing Top Secret US Government Work Exposed on Misconfigured Amazon Server
Dell Cameron reports: Thousands of files containing the personal information and expertise of Americans with classified and up to Top Secret security clearances have been exposed by an unsecured Amazon server, potentially for most of the year. The files have been traced back to TigerSwan, a North Carolina-based private security firm. But in a statement…
AU: OAIC investigating Flight Centre customer data leak
Allie Coyne reports: Travel agency Flight Centre is under investigation by the country’s privacy regulator after accidentally releasing personal information of an undisclosed number of its customers to third-party suppliers. The firm confirmed last month that “human error” was behind the data breach. It has not said how many customers were affected, nor what personal…
UK: Anonymous hacker claims to have stolen the NHS medical records of 1.2million Brits
Shaun Wooler reports: A computer geek with alleged links to global hacking group Anonymous has stolen patient data from an NHS appointment booking system. The crook breached a private contractor’s security to access a database containing confidential records on up to 1.2million people. SwiftQueue is paid by eight NHS trusts to manage a website, through…
US Voting Machine Supplier Leaks 1.8 Million Chicago Voter Records
Dell Cameron reports: A leading US supplier of voting machines confirmed on Thursday that it exposed the personal information of more than 1.8 million Illinois residents. State authorities and the Federal Bureau of Investigation were alerted this week to a major data leak exposing the names, addresses, dates of birth, partial Social Security numbers, and…
Surgical Dermatology Group notifies patients after TekLinks hacked
From their web site: On June 7, 2017, Surgical Dermatology Group in Birmingham, Alabama (“SDG”) received notice from its cloud hosting and server management provider, TekLinks, Inc., of a security breach at its Birmingham facility that hosts our server. We immediately initiated an investigation and learned that external hackers had gained access to our server…