CORRECTION: I don’t know how I did it, but instead of typing 42,000, I kept typing 92,000 when I originally wrote this one up. The number of patients affected was 41,948, as it said at the bottom of the post. My apologies to CTCA. Another phishing incident where an employee’s email account was storing a…
Misconfigured Locksmith Services web servers exposed sensitive information
Darryl Burke reports: On Wed Nov 23rd, we discovered a misconfiguration on the web servers of the company “Locksmith Services” which is a US based national dispatch service for Locksmiths. The misconfiguration on the website dispatchlogin.net exposed the; audio recording of calls, emails, customer contact information, photos of drivers licenses and passports, photos of credit…
UK: Hospital staff investigated for ‘spying’ on Sir Alex Ferguson’s medical records while he was fighting for his life
Benjamin Butterworth reports: At least five medics are being investigated over accusations they illicitly accessed Sir Alex Ferguson’s medical records while he was fighting for his life. Britain’s most successful football manager, who managed Manchester United from 1986 to 2013, received care for a brain haemorrhage at Salford Royal hospital in May. Two doctors, a…
Indio Water Authority notifies residents of Click2Gov breach
In reviewing the Click2Gov breaches, I just discovered another one from October that I hadn’t posted on this site. Let’s remedy that now. Statement on Click2Gov Data Security Incident INDIO, CA (October 12, 2018) – Indio Water Authority (IWA) was informed in September of a cybersecurity incident potentially affecting the credit card information of customers…
IA: Data breach found in city of Ames’ parking ticket payment system. It’s Click2Gov, again.
The Ames Tribune reports on yet another breach report involving Click2Gov (by CentralSquare Technologies): A data breach to the city’s parking ticket payment system may have affected 4,600 customers who paid a city-issued ticket on the city’s online payment system between Aug. 10 and Nov. 19, city officials said Friday in a news release. […]…
San Mateo Medical Center notifies patients after records erroneously recycled instead of shredded
Updated Feb. 22, 2019. DataBreaches.net was notified that HHS had finally removed the disputed listing from their portal. But when I checked, I found that it had not really been removed. OCR had closed its case and moved the entry to its archived list, with the following note: On November 13, 2018, OCR received a…