Some citizens’ personal information was available to view online
A misconfigured database managed by a California public office has potentially exposed the sensitive medical information of citizens.
County of Kings, in mid-California, announced that the security flaw in its public webserver made limited information on Covid-19 cases available on the internet.
The incident was discovered on November 24, 2021, and involved records obtained by the County’s Public Health Department from the California Department of Public Health and County healthcare providers.
An investigation determined that the misconfiguration resulted from an error made by a third-party contractor and existed on the county’s public webserver from February 15, 2021, until it was fully corrected on December 6, 2021.
In a notice (PDF) posted online, County of Kings said that names, dates of birth, addresses, and Covid-19-related health information was among the datasets available to view.
The government department said it has “no reason to believe that individuals’ information has been or will be misused”, but has informed all potential victims by post.
It added that no further action needs to be taken by the individuals, but has set up a dedicated call center, details of which can be found in the notice.
You may also enjoy reading, Assange Wins First Stage in Effort to Appeal US Extradition
Stay informed of the latest Cybersecurity trends, threats and developments. Sign up for RiSec Weekly Cybersecurity Newsletter Today
Remember, CyberSecurity Starts With You!
- Globally, 30,000 websites are hacked daily.
- 64% of companies worldwide have experienced at least one form of a cyber attack.
- There were 20M breached records in March 2021.
- In 2020, ransomware cases grew by 150%.
- Email is responsible for around 94% of all malware.
- Every 39 seconds, there is a new attack somewhere on the web.
- An average of around 24,000 malicious mobile apps are blocked daily on the internet.
- How to request a CVE: From vulnerability discovery to disclosure - 21 September 2022
- Rockstar confirms hack after Grand Theft Auto 6 leak - 19 September 2022
- Uber Data Breach: Ride-hailing Giant Investigating disruptive ‘incident’ - 16 September 2022