Information Security News mailing list archives
Personal information of almost 100, 000 people exposed through flaw on site for transcripts
From: InfoSec News <alerts () infosecnews org>
Date: Wed, 22 Oct 2014 07:55:49 +0000 (UTC)
http://www.washingtonpost.com/blogs/the-switch/wp/2014/10/21/personal-information-of-almost-100000-people-exposed-through-flaw-on-site-for-transcripts/ By Ashkan Soltani, Julie Tate and Ellen Nakashima The Washington Post October 21, 2014The personal information of almost 100,000 people seeking their high school transcripts was recently exposed on a Web site that helps students obtain their records.
The site, NeedMyTranscript.com, facilitates requests from all 50 states and covers more than 18,000 high schools around the country, according to its Web site and company chief executive officer.
The data included names, addresses, e-mail addresses, phone numbers, dates of birth, mothers' maiden names and the last four digits of the users' Social Security numbers. Although there is no evidence the data were stolen, privacy advocates say the availability of such basic personal information heightens the risk of identity theft.
The availability of the data appears to be the result of a flaw in the way the two-year-old site was designed. It highlights how easily sensitive personal information can be exposed with the proliferation of online businesses and services - many of which do not employ adequate security practices.
[...] -- Evident.io - Continuous Cloud Security for AWS. Identify and mitigate risks in 5 minutes or less. Sign up for a free trial @ https://evident.io/
Current thread:
- Personal information of almost 100, 000 people exposed through flaw on site for transcripts InfoSec News (Oct 22)