Statement on the school district’s website from Supt. Dr. Edgar B. Hatrick: Recently, the school system was informed of a security breach involving one of our software vendors. The vendor, Risk Solutions International, maintains the school system’s Emergency Management Plans. The website contains some personal information about students and staff members that is normally restricted to…
AU: Schoolboy hacks Public Transport Victoria website
Adam Carey reports: Personal information about public transport users in Victoria has been exposed to potential identity theft because government authority Public Transport Victoria failed to secure its website. The security flaw in the PTV website was discovered by schoolboy Joshua Rogers, 16, who used a simple hacking technique to unearth a database containing the…
OpenSUSE forums hacked in ANOTHER vBulletin attack
Phil Muncaster reports: Linux distro openSUSE’s public forums have been compromised and defaced and tens of thousands of user email addresses exposed after a hacker exploited a zero day flaw in the underlying vBulletin software. OpenSUSE responded quickly to media reports about the breach on Tuesday by admitting the successful exploit had allowed the hacker…
Drowning in breach reports today…
Today, HHS added 37 incidents to its public breach tool, which I’ve summarized over on phiprivacy.net (here and here). But it looks like I can’t catch a break, as the Maryland Attorney General’s Office also updated its breach tool. So here are some more breaches I did not previously know about, with links to their…
HHS updates breach tool, Part 2: it's news to me
Today’s update to HHS’s breach tool included a number of incidents that I had not known about: Servicios Medicos Integrados de Fajardo in Puerto Rico reported that T & P Consulting, Inc. d/b/a Quantum Health Consulting reported lost device(s) with PHI on 10,000. The incident occurred on January 11, 2012, and I had already entered…
HHS updates breach tool, Part 1: many older incidents newly added
Okay, so HHS decided to give me a migraine by adding no less than 37 breach incidents to its public breach tool today. I suspect, but cannot be certain, that my repeated inquiries to them about breach reports not showing up in a timely fashion – the last such inquiry a few days ago –…