Phil Muncaster reports: Linux distro openSUSE’s public forums have been compromised and defaced and tens of thousands of user email addresses exposed after a hacker exploited a zero day flaw in the underlying vBulletin software. OpenSUSE responded quickly to media reports about the breach on Tuesday by admitting the successful exploit had allowed the hacker…
Drowning in breach reports today…
Today, HHS added 37 incidents to its public breach tool, which I’ve summarized over on phiprivacy.net (here and here). But it looks like I can’t catch a break, as the Maryland Attorney General’s Office also updated its breach tool. So here are some more breaches I did not previously know about, with links to their…
HHS updates breach tool, Part 2: it's news to me
Today’s update to HHS’s breach tool included a number of incidents that I had not known about: Servicios Medicos Integrados de Fajardo in Puerto Rico reported that T & P Consulting, Inc. d/b/a Quantum Health Consulting reported lost device(s) with PHI on 10,000. The incident occurred on January 11, 2012, and I had already entered…
HHS updates breach tool, Part 1: many older incidents newly added
Okay, so HHS decided to give me a migraine by adding no less than 37 breach incidents to its public breach tool today. I suspect, but cannot be certain, that my repeated inquiries to them about breach reports not showing up in a timely fashion – the last such inquiry a few days ago –…
ZA: Hacker reveals e-toll website security flaw
Jan Vermeulen reports that a hacker has reported a vulnerability in the SANRAL website that exposes user information: This is due to a page on the South African National Roads Agency Limited (Sanral) website which can be exploited to expose the PIN of any registered e-toll website user. The page is intended to be used…
Data Theft? Fox Rothschild Launches Data Breach 411 iPhone/iPAD App
A law firm has created an app to help counsel comply with the myriad state data breach notification requirements. From their press release: Features of the Fox data breach app include: State Security Breach Statutes: An alphabetical listing of the 46 states that have data breach laws in place and links to all the relevant notification…