Trevor Pettiford reports that discarded medical records were found unsecured at a county landfill facility in St. Petersburg, Florida. The records, complete with names, addresses, and family histories, were discovered by a man dumping bulk trash at the Pinellas County Solid Waste facility at 3095 114th Avenue North in St. Petersburg. They apparently came from the…
Category: U.S.
Misconfigured MongoDB installation left Microsoft careers site vulnerable to attack
Chris Vickery writes: An exposed database was serving potentially arbitrary HTML through the mobile version of Microsoft’s careers page (m.careersatmicrosoft.com). Punchkick Interactive is a mobile web development company. Microsoft relies on Punchkick to handle the database that powers m.careersatmicrosoft.com. The bad news is that, for at least the past few weeks, this backend database has…
Hollywood Presbyterian Medical Center ‘Victim of Cyber Attack’
NBCLA reports: A Southern California hospital was a victim of a cyber attack, interfering with day-to-day operations, the hospital’s president and CEO said. Staff at Hollywood Presbyterian Medical Center began noticing “significant IT issues and declared an internal emergency” on Friday, said hospital President and CEO Allen Stefanek. A doctor who did not want to…
Teenage Hackers Promise More Government Hacks After Alleged Leader’s Arrest
Lorenzo Franceschi-Bicchierai reports: Government officials might have let out a sigh of relief this week after the UK police arrested a teenager suspected of being behind the long series of hacks and pranks targeting US government agencies and high-level officials. But friends and associates of the arrested teenager claim this is not the end. “Just because they…
KY: Retired firemen address board after newsletter containing sensitive information circulates
Lana Bellamy reports: A group of firefighters are concerned about possible identity theft in light of the publication of sensitive personal information on Ashland Commissioner Kevin Gunderson’s electronic newsletter. Last month, Gunderson’s regular electronic newsletter “Kevin Mail” had documents attached containing the names, partial Social Security numbers and pension member identification numbers on invoices related…
NY: Phishing scheme may have resulted in tax refund fraud
There’s an update to a reported phishing attack involving Hudson City School District. John Mason and Roger Hannigan report: The phishing scam that netted the Social Security numbers of all Hudson City School District staff members has moved in a troubling new direction. Several staff members, according to District Superintendent Maria Suttmeier, have started to…