Courtney Godfrey reports: Taking work home with you sounds like something a hardworking employee would do, unless that work includes private, sensitive data like it did with one employee in Wright County. The county knew about the data breach for seven months before notifying possible victims. It wasn’t until FOX 9 filed a public records…
Popular avatar app Boomoji exposed millions of users’ contact lists and location data
Zack Whittaker reports: Popular animated avatar creator app Boomoji, with more than five million users across the world, exposed the personal data of its entire user base after it failed to put passwords on two of its internet-facing databases. The China-based app developer left the ElasticSearch databases online without passwords — a U.S.-based database for its international…
Contra Costa Health Plan notifying patients after discovering contractor had used falsified identity to get contract
It seems Contra Costa Health Plan discovered that a contractor that they had hired and who had access to EHR beginning on December 1, 2014 had used a falsified identity to get the contractor position. The position involved access to EHR as part of the contractor’s functions relating to utilization management. In a letter to…
AU: Thousands affected in ActewAGL and Icon Water mail-out privacy breach
Jasper Lindell reports: ActewAGL has confirmed 400 electricity, gas and water customers have received bundles of bills addressed to other utility customers in a massive privacy breach affecting 6000 customers in the ACT and NSW. ActewAGL notified the Privacy Commissioner of the breach after it became aware of the mistake on Wednesday and had set up…
Ca: Hundreds of N.W.T. health records found at Fort Simpson dump
Hilary Bird reports: An N.W.T man says he found hundreds of confidential medical records at the Fort Simpson dump. The documents contain detailed information about patients’ mental health and history of drug use, including applications to addictions treatment facilities, progress reports from those facilities, and detailed notes from one-on-one counselling sessions. The documents, many of…
Hackers fooled Save the Children into sending $1 million to a phony account
Todd Wallack reports: Save the Children Federation, one of the country’s best-known charities said it was the victim of a $1 million cyberscam last year. The Connecticut-based nonprofit said hackers broke into a worker’s e-mail, posed as an employee, and created false invoices and other documents, to fool the charity into sending nearly $1 million…