BreachExchange mailing list archives
Potential data breach exposed in state’s travel exemption request system
From: Destry Winant <destry () riskbasedsecurity com>
Date: Mon, 12 Oct 2020 09:25:27 -0500
https://www.hawaiinewsnow.com/2020/10/10/potential-data-breach-exposed-states-travel-exemption-request-system/ HONOLULU, Hawaii (HawaiiNewsNow) - The state is investigating a potential breach of data within one of their systems tied to the Attorney General’s office. Nearly 150 individuals who applied for a travel exemption through the state Attorney General’s website were notified Friday about the potential breach. It impacts applicants between Sept. 18 and Sept. 21. In the email notice, officials say during that time, the system could have been exploited to allow users to access the personal information of other applicants. This information is believed to have exposed names, phone numbers, and copies of state IDs. It’s unclear however if any information was in fact compromised, but the system has reportedly been fixed. “The State reviewed how the application accesses data in the database and will continue monitoring the application and look at ways to further safeguard usersʻ information,” the notification sent out said. Officials tell Hawaii News Now, the over two-week delay between the system fix and notifying those who were potentially impacted was not unreasonable and within legal requirements. Those who were notified about the potential breach were urged to contact the Attorney General’s office at hawaiiag () hawaii gov if they have further questions or concerns. _______________________________________________ BreachExchange mailing list sponsored by Risk Based Security BreachExchange () lists riskbasedsecurity com If you wish to Edit your membership or Unsubscribe you can do so at the following link: https://lists.riskbasedsecurity.com/listinfo/breachexchange
Current thread:
- Potential data breach exposed in state’s travel exemption request system Destry Winant (Oct 12)