Plus birth certificates, job interview data and more
A leak of 10,000 records at a Leicestershire care home provider exposed elderly patients' wishes not to be resuscitated, detailed care plans and precisely how much councils paid for individual patients' care.
Not only did Rotherwood Care Group, trading as Rotherwood Healthcare, leave an Amazon S3 bucket accessible to everyone on the internet, the company’s website privacy policy consisted solely of lorem ipsum placeholder text.
The leak came from an S3 bucket that was left unsecured. The Register was alerted to it by a security researcher who also informed his local branch of the GCHQ-sponsored Cyber Protect network.
When The Register contacted Rotherwood to ensure the open data was closed off prior to publication of this article, the company responded with lawyers' letters.
Rotherwood Healthcare's online privacy policy. It ..
Support the originator by clicking the read the rest link below.
