Missy Wilkinson Reports: Health records and names of people who visited Tulane University Medical Center’s emergency department, including for attempted suicide. Graphic information about sexual assaults and the identities of the victims, witnesses and suspects. All this and other sensitive information protected under federal privacy laws was visible to anyone with a Tulane email...
Jonathan Greig reports: More than 30,000 US healthcare workers’ personal information was recently exposed due to a non-password protected database, according to security researcher Jeremiah Fowler and a team of ethical hackers with Website Planet. Fowler discovered a database run by Gale Healthcare Solutions with 170,239 exposed records that included names, emails, home addresses, photos and in...
Jakob Emerson reports: Sangamon County Animal Control (SCAC) is embroiled in a community controversy once again. SCAC is responsible for the sharing of uncensored photos of Illinois driver’s licenses to the internet in the place of photos of animals available for adoption at the facility. Anyone in the world with an internet connection could see photos,...
Seth Austin reports: The Kentucky Energy and Environment Cabinet (EEC) announced they discovered a data security breach on September 8, 2021. According to EEC, unredacted mining permit applications containing some mine owners’ and controllers’ personal information was available for public inspection at Department of Natural Resources’ field offices and on an EEC hosted website....
Ian Cross reports: Personal information for the entire Bay Village High School senior class, including grades, student ID numbers and test scores, was accidentally emailed to the families of each senior last week, according to a notice sent to families in the district. At about 8:53 a.m. on Tuesday, Nov. 23, a Bay High...
We have all read about mailing errors by now. In fact, such errors are one of the biggest types of HIPAA breaches — providing one patient’s information to another, or a mail merge error, or something similar. But here’s a case in the U.K. that serves as a painful reminder that such breaches can...
Bob Diachenko reports: On Nov 5th, I discovered an exposed database that appeared to belong to live sex cam website Stripchat. The exposed database makes multiple references to Stripchat and consists of nearly 200 million records. Exposed data includes email addresses, usernames, and IP addresses, among other info, seemingly about the site’s users and...
The Moscow Times reports: A database of Russians who purchased fake coronavirus vaccine certificates has leaked online, the Kommersant business daily reported Friday, with experts warning that the buyers are now at risk of both blackmail and jail time. With vaccine skepticism rampant, many Russians have turned to the black market to purchase counterfeit QR code passes...
Dean Pritchard reports an update to a previously disclosed breach: A class-action lawsuit will proceed against the province after confidential information about nearly 9,000 children with disabilities was mistakenly sent to agencies that provide services to them and community advocates. An email notice was delivered to potential claimants this week notifying them about the...
VA: Hundreds of parents, students, staff at risk of identity theft as personal records found tossed on floor at Old Pulaski Middle School