Zack Whittaker reports: Popular animated avatar creator app Boomoji, with more than five million users across the world, exposed the personal data of its entire user base after it failed to put passwords on two of its internet-facing databases. The China-based app developer left the ElasticSearch databases online without passwords — a U.S.-based database for its international…
Contra Costa Health Plan notifying patients after discovering contractor had used falsified identity to get contract
It seems Contra Costa Health Plan discovered that a contractor that they had hired and who had access to EHR beginning on December 1, 2014 had used a falsified identity to get the contractor position. The position involved access to EHR as part of the contractor’s functions relating to utilization management. In a letter to…
AU: Thousands affected in ActewAGL and Icon Water mail-out privacy breach
Jasper Lindell reports: ActewAGL has confirmed 400 electricity, gas and water customers have received bundles of bills addressed to other utility customers in a massive privacy breach affecting 6000 customers in the ACT and NSW. ActewAGL notified the Privacy Commissioner of the breach after it became aware of the mistake on Wednesday and had set up…
Ca: Hundreds of N.W.T. health records found at Fort Simpson dump
Hilary Bird reports: An N.W.T man says he found hundreds of confidential medical records at the Fort Simpson dump. The documents contain detailed information about patients’ mental health and history of drug use, including applications to addictions treatment facilities, progress reports from those facilities, and detailed notes from one-on-one counselling sessions. The documents, many of…
Hackers fooled Save the Children into sending $1 million to a phony account
Todd Wallack reports: Save the Children Federation, one of the country’s best-known charities said it was the victim of a $1 million cyberscam last year. The Connecticut-based nonprofit said hackers broke into a worker’s e-mail, posed as an employee, and created false invoices and other documents, to fool the charity into sending nearly $1 million…
Personal information of 541k individuals has been stolen from an emergency contact database after the website of the French Ministry of Europe breached
Sergiu Gatlan reports: According to the Ministry’s public statement, the hackers managed to get their hands on the names, phone numbers, and email addresses of all people who had an account on the French Ariane emergency contact database. The platform is used by the French Ministry of Europe and Foreign Affairs to allow citizens traveling abroad to…