Exposure

Prank Call Service PrankDial Exposed 138 Million Records Online

Jeremiah Fowler reports: On October 28th I discovered a non-password protected database that contained millions of log files. Upon further research, the records all contained information that identified PrankDial.com as the owner of the data. I immediately sent a responsible disclosure notice and the database was closed for public access shortly after. According to...

A leak report quietly disappears, leaving questions in its wake

On October 8, Jeremiah Fowler reported that he had discovered a non-password protected database that contained what appeared to be information regarding healthcare workers and traveling nurses.  If you had read the report on Security Discovery at the time, you would have read that almost one million people were potentially affected. Based on that...

OCR Imposes a $1.6 Million Civil Money Penalty against Texas Health and Human Services Commission for HIPAA Violations

Another settlement announced from HHS tonight. From their press release: The Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) has imposed a $1,600,000 civil money penalty against the Texas Health and Human Services Commission (TX HHSC), for violations of the Health Insurance Portability and Accountability Act of...