Exposure

MN: Mankato Clinic notifies patients of health data breach

Mitch Keegan reports: The Mankato Clinic has notified more than 500 patients of a breach of unsecured protected health information. In a news release, Mankato Clinic says on August 3rd an electronic spreadsheet containing patient information for 535 patients was mistakenly e-mailed to a colleague of a Mankato Clinic employee to an external e-mail account. The...

TX: Lubbock County confirms private information accessible under new computer system, says situation not a data breach

Samantha Jarpe reports: Lubbock County released a statement Tuesday about previously private court information being made available to the public via a new records system. An earlier release by the Lubbock County Defense Lawyers Association characterized the incident as a data breach. The association said it became aware of the situation September 10. According...

Ottawa Hospital apologizes to unvaccinated staff for privacy breach

CBC reports: The Ottawa Hospital has apologized to unvaccinated staff after an email was sent out offering a vaccine education session with each recipient’s name visible to others. The email was sent from one of the hospital’s software systems and recalled immediately, the hospital said in a statement emailed to CBC, adding all copies of the...

Fitness Tracker Data Exposed 61 Million Records and User Data Online

Jeremiah Fowler writes: On June 30th, 2021 the WebsitePlanet research team in cooperation with Security Researcher Jeremiah Fowler discovered a non-password protected database that contained over 61 million records belonging to users around the world. The massive amount of exposed records were related to IOT health and fitness tracking devices. Upon further investigation there were multiple...

Texas Right to Life website exposed job applicants’ resumes

Zack Whittaker reports: Anti-abortion group Texas Right to Life exposed the personal information of hundreds of job applicants after a website bug allowed anyone to access their resumes, which were stored in an unprotected directory on its website. A security researcher told TechCrunch that the group’s main website, built largely in WordPress, was not...

Private information of 2,841 students accidentally released; School division did not make proper notice — regulator

CBC reports: A recent report by the Saskatchewan information and privacy commissioner’s office revealed that private information of 2,841 students was accidentally made public last year. The records in question included students’ names, identification numbers, phone numbers, grades and parent email addresses. The school division, which is in southwest Saskatchewan and has more than...