Critical Infrastructure Protection Review
News • Insights • Analysis
More than 45 million medical images—and the personally identifiable information (PII) and personal healthcare information (PHI) associated with them–have been left exposed online due to unsecured technology that’s typically used to store, send and receive medical data, new research has Read More …
The personal and health information of more than 16 million Brazilian COVID-19 patients has been leaked online after a hospital employee uploaded a spreadsheet with usernames, passwords, and access keys to sensitive government systems on GitHub this month. Among the Read More …
Singapore is investigating claims that local-based mobile app, Muslim Pro, has sold “granular location data” to the US military. Clocking more than 98.5 million downloads worldwide, the popular prayer tracking app has denied the allegations, saying it shares only anonymised Read More …
A security vulnerability in the infrastructure underlying Germany’s official COVID-19 contact-tracing app, called the Corona-Warn-App (CWA), would have allowed pre-authenticated remote code execution (RCE). Researcher Alvaro Muñoz wrote in a report this week that he and his team at GitHub Read More …
A platform used by healthcare workers in the Philippines designed to share data about COVID-19 cases contained multiple flaws that exposed healthcare worker data and could potentially could have leaked patient data. Vulnerabilities found in both the COVID-KAYA platform’s web Read More …
A widely used hotel reservation platform has exposed 10 million files related to guests at various hotels around the world, thanks to a misconfigured Amazon Web Services S3 bucket. The records include sensitive data, including credit-card details. Prestige Software’s “Cloud Read More …
The Information Commissioner’s Office (ICO) has fined Marriott £18.4 million over a 2014 data breach, heavily reducing the penalty originally planned due to COVID-19 disruption. The Marriot hotel group was subject to a 2014 data breach impacting the Starwood resort Read More …
In 2018, Singapore suffered its worst ever data breach when inadequate cybersecurity at SingHealth saw a quarter of the population’s medical records stolen. The subsequent official review recommended remedies that should already be basic security policies. Two years after the Read More …
British Airways has been fined £20 million for “unacceptable” failures that led to personal details of hundreds of thousands of customers’ data being being stolen by hackers in 2018. The fine represents the largest financial penalty issued by the UK’s Read More …
A group of hackers has leaked on Saturday the names and personal details of more than 1,000 high-ranking Belarusian police officers in response to violent police crackdowns against anti-government demonstrations. The leaked data included names, dates of birth, and the Read More …
