Susan Edmunds reports: A Vodafone mobile customer was shocked to discover he could see a stranger’s personal details when he logged into his account online. Hayden Maskell said, when he logged into My Vodafone twice this week, he could see another customer’s name, account number, phone number, bills and “detailed usage” showing who they had called….
DC health website security breach exposes nurse’s personal info including SSN
Scott Taylor reports: A nurse tells 7 On Your Side and Call For Action she was horrified to discover a government web site exposed her name, address and social security number to others… and could have done the same to 600 other nurses. Nurses just like Alexia Park can log onto the DC Department of…
Update: BP data breach affected 60,000 after malware attack on PageUp job portal
Julie Iles reports that estimates of the PageUp breach impact on BP applicants has increased significantly: BP says a hack of its online recruitment portal has compromised the data of more job applicants than initially suspected. BP has emailed about 60,000 people who applied for jobs in its retail stores since 2008 to notify them they could have…
Identities of thousands of Tennesseans with HIV made vulnerable by government error
Bret Kelman reports: For nine months, the confidential data just sat there, where hundreds of employees could reach it. The identities of thousands of Tennesseans with HIV or AIDS, both living and dead, were listed in a computer database kept on a server accessible to the entire staff of the Nashville Metro Public Health Department. But…
The 111 Million Record Pemiblanc Credential Stuffing List
Troy Hunt reports: ……. I’ve just loaded 111 million email addresses found in a credential stuffing list called “Pemiblanc” into HIBP. I had multiple different supporters of HIBP direct me to this collection of data which resided on a web server in France and looked like this: That site has now been taken down…
A dumb security flaw let a hacker download US drone secrets
Matt Burgess reports: A hacker used a basic security vulnerability to access highly sensitive files relating to the US military’s spy drones and tanks, new research claims. Security firm Recorded Future says it discovered a criminal attempting to sell the secret information for only a few hundred dollars on a dark web forum last month….