Jim Silver and Hailey Waller report: EmCare Inc. recently learned an unauthorized party obtained access to a number of employees’ email accounts that contained the personal information of as many as 60,000 individuals, 31,000 of which are patients, the company said in an email. On Feb. 19, the physician-services provider determined the accounts contained some…
United Way of the Big Bend investigates possible data security breach
WTXL reports: The United Way of the Big Bend is investigating a possible data security breach that occurred when taxpayer information was stolen from an employee in March. The organization says that 64 taxpayers’ information may be exposed after their information was stolen from the vehicle of a Volunteer Income Tax Assistance Program (VITA) site…
Iranian Ride-Hailing App Database Exposure
Bob Diachenko reports: On April 18th, during our regular security audit of nonSql databases with BinaryEdge search engine, I have discovered an open and publicly available MongoDB instance which contained astonishingly sensitive information on Iranian drivers. Information was structured to include the following data fields: Driver first name and last name SSN (10-digits Iranian ID…
MD Anderson ousts 3 scientists over concerns about Chinese data theft
Todd Ackerman reports: MD Anderson Cancer Center is ousting three scientists in connection with concerns China is trying to steal U.S. scientific research, the first such publicly disclosed punishments since federal officials directed some institutions to investigate specific professors in violation of granting agency policies. MD Anderson took the actions after receiving e-mails last year…
PA: Millions of rehab records exposed on Steps to Recovery’s unsecured database
Laura Hautala reports: It’s some of the most sensitive medical information a person could have. Records for potentially thousands of patients seeking treatment at several addiction rehabilitation centers were exposed in an unsecured online database, an independent researcher revealed Friday [link corrected by DataBreaches.net]. The records included patients’ names, as well as details of the…
WSU to pay up to $4.7 million for data theft involving 1.2 million people
Breaches that involve health data generally will cost you more. Asia Fields reports: Washington State University learned a costly lesson after a hard drive containing the personal information of more than a million people was stolen from a self-storage locker in 2017. Now, the university is going to have to pay even more. In a…