Contractor’s “coding loophole” exposed Boston Teachers Union Health & Welfare Fund members’ SSN

[Erica Absetz <erica () riskbasedsecurity com>]

http://www.databreaches.net/?p=28008

A “coding loophole” by its contractor Classic  Administrative Services
reportedly exposed  the names and Social Security numbers of 506
members of the Boston Teachers Union Health & Welfare Fund. The breach
was discovered by a member doing a Google Search on April 4,  and the
notification to those affected does not indicate for how long their
data were exposed.
_______________________________________________
Dataloss-discuss Mailing List (dataloss-discuss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss-discuss

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
Risk Based Security equips organizations with security intelligence, risk
management services and on-demand security solutions to establish
customized risk-based programs to address information security and
compliance challenges. 

Tenable Network Security (http://www.tenable.com/)
Tenable Network Security provides a suite of solutions which unify real-time
vulnerability, event and compliance monitoring into a single, role-based, interface
for administrators, auditors and risk managers to evaluate, communicate and
report needed information for effective decision making and systems management.