Colin Butler reports: The London Police Service used a provincial database containing the personal health records of people who tested positive for COVID-19 at one of the highest rates in Ontario, snooping on private medical information 10,475 times between April and July. Law enforcement gained the unprecedented power to access people’s personal medical information when the database…
Uber Exec Allegedly Concealed 2016 Hack With $100K BTC ‘Bug Bounty’ Pay-Off
Turner Wright reports: Joseph Sullivan, a former Chief Security Officer at Uber, allegedly tried to cover up a 2016 hack of sensitive data by funneling a hush money payment of $100,000 in Bitcoin through a bug bounty program. The hackers had obtained the drivers’ license numbers of roughly 600,000 Uber drivers as well as private…
UK: Man finds sensitive patient data outside Caithness General
The Northern Times reports: A man who was passing by Caithness General Hospital in Wick claims to have found a document containing “highly sensitive medical information” about patients. The member of the public, who wishes to remain anonymous, said he found the folded A4-size piece of paper lying on the road near the gate lodge…
FritzFrog and Lucifer Monero malware botnets putting more at risk
Jai Pratap reports: According to a study by Guardicore Labs, a Monero malware botnet known as FritzFrog has been deployed to ten millions of IP addresses. The malware has largely targeted governmental offices, educational institutions, medical centers, banks, and telecommunication companies, installing a Monero mining app known as XMRig. The study explains that FritzFrog uses a brute-force…
Jefferson Parish Schools data breach exposes 86 students’ information
Faimon Roberts reports: A data breach that exposed 86 Jefferson Parish public school students’ confidential student portal log information to more than 40,000 families was caused by a problem with a vendor, a school system spokeswoman confirmed Tuesday. […] When system officials began to receive calls about the problem, they contacted EdGear, the vendor that…
UK: Hairmyres Hospital creep avoids jail over repeated data breach
A Hairmyres Hospital worker who chatted up patients after getting contact details from their medical records has avoided prison. Andrew Stewart often used a false name and would tell unsuspecting women that their number had somehow turned up in his phone. Read more on Daily Record.