Exposure

UK: Cornwall Council Data Breach

The Cornwall council accidentally published the personal details of five schoolchildren in publicly accessible meeting documents. Cornwall Council has apologized for the data breach, including their names, addresses, and dates of birth. It made the error when it published online documents for a meeting of its School Transport Appeals Committee. Source: InformationSecurityBuzz.

Boca Raton Attorney Allegedly Leaked Clients’ Confidential Files

Joshua Ceballos reports: All Priscilla Haring wanted from her divorce attorney, Richard Glenn Ozelie, was a divorce. But, according to her complaint filed in Broward civil court in March, what she got instead was scores of confidential files belonging to “a minimum of 96 individuals”  — a potentially huge breach of ethics by her erstwhile attorney. Read...

Personal details of 21M SuperVPN, GeckoVPN users leaked on Telegram

Waqas reports on a leak spotted by VPNMentor: In total, the database contains 10GB worth of data from companies like SuperVPN, GeckoVPN, and ChatVPN which is now available for free download on several different Telegram groups. On May 7th, 2022, a database containing the personal details and login credentials of 21 million users was...

Insufficient Data Security and Disregard for Student Data Privacy Plague the DeKalb County School District; With Commentary by Jim Siegl

Keegan Brooks writes: The DeKalb County School District has been making thousands of files containing sensitive student and staff information widely accessible to anyone in the district. Types of information exposed have included social security numbers, academic records, medical forms, course transcripts, standardized test scores, discipline records, and the 504/IEP information of students, among...

University of Essex data breach being taken ‘very seriously’

BBC reports: A data breach affecting more than 400 students is being treated “very seriously”, the University of Essex said. Law firm Hayes Connor, which is representing some students, said an email from an external partner of the college included personal information. A spreadsheet containing student IDs, dates of birth and contact details was...