It seems that every week I hear from researchers who find patient data or medical data exposed. And I know some of them spend inordinate amounts of time trying to contact entities to get them to secure their unsecured sensitive data. Some of these researchers do this for no pay and no expectation or hope…
Port Orange Suspends Online Payment System to Investigate Possible Data Breach Involving Click2Gov
Update: The original post below was published on October 19, 2019. On January 10, 2020, Port Orange said that they were first notified by CentralSquare on November 6. Yet they had reportedly suspended payment by October 19 to investigate. So why has it taken them so long to make this follow-up announcement? Spectrum News reports…
Equifax used ‘admin’ as username and password for sensitive data: lawsuit
Ethan Wolff-Mann reports: Equifax used the word “admin” as both password and username for a portal that contained sensitive information, according to a class action lawsuit filed in federal court in the Northern District of Georgia. The lawsuit, filed in January, went viral on Twitter Friday after Buzzfeed reporter Jane Lytvynenko came across the detail. Read more…
Mercedes-Benz app glitch exposed car owners’ information to other users
Zack Whittaker reports: Mercedes-Benz car owners have said that the app they used to remotely locate, unlock and start their cars was displaying other people’s account and vehicle information. TechCrunch spoke to two customers who said the Mercedes-Benz’ connected car app was pulling in information from other accounts and not their own, allowing them to…
Blame uni’s lax security for data leak, says UM hacker
There’s more on the University of Malay breach noted yesterday. MalaysiaKini is reporting: MrX’, which claimed to be the hacker who yesterday dumped vast amounts of personal data belonging to University of Malaya (UM) staff, said the varsity is to blame for the data breach due to its lax online security. “Guess who? Security is…
Student Hacked Into Downingtown Area School District System To Gain Competitive Advantage In Water Gun Fight, Officials Say
Howard Monroe reports on what sounds like yet another hack involving Naviance. We first read about a Naviance hack by a student last week involving the Montgomery County Public Schools in Maryland. Now it’s the Downingtown Area School District in Pennsylvania, it seems. A student prank went too far after personal information belonging to dozens…