Jan Lee reports: Ex-students from Xinmin Secondary School received a shock yesterday when they found out that their alma mater had suffered a data breach. Several told The New Paper they received calls from their former school yesterday, informing them that their names and identity card numbers had been leaked on pastebin.com, self-described as “where…
Cn: Police detain 20 over personal information infringement
Oops. I missed this last week when Xinhua reported: Police in east China’s Wenzhou City, Zhejiang Province have seized 20 people suspected of stealing more than 300,000 pieces of personal information. The gang were found to have hacked into servers of over 50 airline company websites since 2016. The leaks included user IDs, passwords and…
Man linked to TheDarkOverlord sentenced to 3 years in jail
Sam Wildman reports that a Wellingborough, U.K. man who has been linked to TheDarkOverlord has been sentenced to jail for three years, but for crimes that do not unequivocally appear to be the work of the blackhat hacking collective. “Crafty Cockney,” whose real name is Nathan Wyatt, had pleaded guilty in September to 20 counts…
UK: Consultants’ letters about 9 patients given to wrong patient
Elgan Hearn reports that the ICO is investigating a breach involving sensitive information of nine patients. An envelope containing the nine letters from a consultant for patients right across Shropshire were wrongly included in a letter sent to a patient in Newtown. The envelope was passed on to health campaigner Cllr Joy Jones, who brought the…
Pentagon Exposed Some Of Its Data On Amazon Server
CNN reports: A researcher says the Pentagon exposed huge amounts of web-monitoring data in a security failure. Anyone with a free Amazon Web Services account could have looked at the hoard of information stored in the cloud by the U.S. Defense Department, according to Chris Vickery, a researcher at cybersecurity firm UpGuard who discovered the exposure. Read more…
UPMC Susquehanna notifies 1,200 patients of data breach
The Daily Item reports: UPMC Susquehanna has notified 1,200 patients treated at various UPMC Susquehanna locations that their personal information — including names, dates of birth, contact information and Social Security numbers — may have been inappropriately accessed. Read more on Daily Item. So far, it’s reading like a phishing incident.