Exposure

700,000 French pharmacy Covid test results left publicly available

Ellie Fullalove reports (machine translation follows): A data leak involving an online platform used to transfer data from antigen tests carried out at pharmacies to the government platform SI-DEP has made 700,000 covid test results public, along with personal information. The platform known as Francetest was alerted to the bug in its system by...

VaxiCode flaw: Quebec refused to give immunity to the whistleblower

Thomas Gerbet reports (machine translation follows): Contrary to what the Minister of Digital Transformation, Eric Caire, said, the Quebec government has never offered immunity to the computer scientist who discovered the security flaw in the VaxiCode health passport application. Exchanges of emails obtained by Radio-Canada reveal the underside of this affair and show that...

Public health, vaccination records exposed in Denton County data breach related to Microsoft Power Apps

Maggie Prosser reports: Hundreds of thousands of public health records, including COVID-19 vaccination details, were exposed in a data breach that was linked to an app that is used at Denton County vaccine clinics, officials say. A malfunction in the third-party software revealed contact and identifying information, as well as COVID-19 vaccination types and...

Indonesia probes suspected data breach on COVID-19 app

Reuters reports: Indonesia is investigating a suspected security flaw in a COVID-19 test-and-trace app that left exposed personal information and the health status of 1.3 million people, a health ministry official said on Tuesday. Researchers from encryption provider (sic) vpnMentor  said personal information in the Indonesia Health Alert Card (eHAC) app, often required to be...

FBI Palantir glitch allowed unauthorized access to private data

Ben Feuerherd reports: A computer glitch in a secretive software program used by the FBI allowed some unauthorized employees to access private data for more than a year, prosecutors revealed in a new court filing. The screw-up in the Palantir program — a software created by a sprawling data analytics company co-founded by billionaire...

NL: Data leak at Radboudumc hospital was caused by former employee

This is a Google translation of a story in Dutch: The data breach at Radboudumc in Nijmegen is due to a former employee, the hospital reports in an update . Due to the leak, the data of an unknown number of employees is on the street. The hospital discovered the data breach earlier this month. Names, login names, email addresses...

By Design: How Default Permissions on Microsoft Power Apps Exposed Millions

The UpGuard Team writes: The UpGuard Research team can now disclose multiple data leaks resulting from Microsoft Power Apps portals configured to allow public access – a new vector of data exposure. The types of data varied between portals, including personal information used for COVID-19 contact tracing, COVID-19 vaccination appointments, social security numbers for job applicants,...

Chico State Students React to COVID-10 Vaccination Data Breach

Carmela Karcher reports: A data breach at Chico State University exposed the personal information of students who requested COVID-19 vaccination religious exemptions. According to the Associated Press, the information was posted on an anonymous internet message board and leaked records for about 130 students. Read more on CBS12. It’s not clear how this data...