Randy Westergren looked into Christiana Care’s online payment portal, which involves a third party payment processor developed by BYL Companies, LLC. What Randy found was very concerning, and he promptly notified BYL of his findings. You can read his write-up of it all on his site. So here’s the thing: how many people may have actually exploited the vulnerability…
Category: Subcontractor
Data breach exposes thousands of expats’ details in Thailand
AFP reports: The personal details of thousands of foreign nationals living in the South were briefly leaked online in what the site’s developer admitted Monday was a data breach during a test for police. The leak comes as the government nation pushes ahead with a much publicised crackdown against foreign visa overstayers and criminals, with…
A.G. Schneiderman Announces Settlement After Social Security Numbers Of Over 500 Job Applicants Posted Online
The NYS Attorney General’s has announced a settlement following a data breach I never heard about. And I’m guessing that some people will grumble that the monetary penalty is too light. NEW YORK – Attorney General Eric T. Schneiderman today announced a settlement with Doritex Corp. and its website developer Kallus Opraments, involving the disclosure…
NY: Focused Technologies Imaging Services to pay more than $3 million for illegal and covert outsourcing of 16 million fingerprint cards to India for data entry
New York State Inspector General Catherine Leahy Scott and Attorney General Eric T. Schneiderman today announced that an Albany-area tech company and its principals will pay more than $3 million in fines for violating State contract security protocols by outsourcing millions of fingerprint records containing sensitive personal information to a company in India for data…
Illinois Valley Podiatry Group warned 26,588 patients after contractor hacked (Update1)
So I had missed this item from the Journal Star on March 8th: The Illinois Valley Podiatry Group, 3322 W. Willow Knolls Drive, has announced that it has became aware of unauthorized access to its computer records, believed to have taken place last year. The names, addresses and Social Security numbers of patients may have…
NJ: Virtua Medical Group notifies 1,654 patients whose information was exposed on Internet (updated)
On March 11, Burlington County Times reported: Virtua Medical Group, the network of doctors exclusively affiliated with the South Jersey health system, reported Friday that patient information — including names and treatments over a five-year period — was accidentally released and viewable on the Internet in January. The medical group learned on Jan. 21 that…