News and Updates on Information Technology

A misconfigured database maintained by a California government agency may have disclosed sensitive medical information for citizens.

Exploit: Misconfiguration

Kings County California Public Health Department: Local Government Agency

cybersecurity news represented by a gauge indicating moderate risk

Risk to Business: 2.711= Moderate

Kings County, California announced that the security flaw in its public webserver made limited information on COVID-19 cases available on the internet. The misconfiguration has been chalked up to a negligent third-party contractor. Discovered in mid-November 2021, officials say that the flaw was in place starting on February 15, 2021, and was corrected on December 6, 2021.

cybersecurity news represented by a gauge indicating moderate risk

Individual Risk: 2.701= Moderate

In a statement, the county said that names, dates of birth, addresses, and COVID-related health information for county COVID-19 cases were among the data that was available to view. They’ve set up a dedicated call center to answer questions from the public.

Customers Impacted: Unknown

How It Could Affect Your Customers’ Business Misconfiguration incidents due to employee or contractor negligence are just as expensive and damaging as cybercrime when regulators get finished with companies that have them.

Source: Portswigger