Tag Archives: exposed

Technology

Indian state government website exposed COVID-19 lab test results – TechCrunch

Leave a comment

A security flaw in a website run by the government of West Bengal in India exposed the lab results of at least hundreds of thousands of residents, though likely millions, who took a COVID-19 test.

The website is part of the West Bengal government’s mass coronavirus testing program. Once a COVID-19 test result is ready, the government sends a text message to the patient with a link to its website containing their test results.

But security researcher Sourajeet Majumder found that the link containing the patient’s unique test identification number was scrambled with base64 encoding, which can be easily converted using online tools. Because the identification numbers were incrementally sequenced, the website bug meant that anyone could change that number in their browser’s address bar and view other patients’ test results.

The test results contain the patient’s name, sex, age, postal address, and if the patient’s lab test result came back positive, negative, or inconclusive for COVID-19.

Majumder told TechCrunch that he was concerned a malicious attacker could scrape the site and sell the data. “This is a privacy violation if somebody else gets access to my private information,” he said.

Two redacted COVID-19 lab test results exposed as a result of a security vulnerability on the West Bengal government’s website. (Screenshot: TechCrunch)

Majumder reported the vulnerability to India’s CERT, the country’s dedicated cybersecurity response unit, which acknowledged the issue in an email. He also contacted the West Bengal government’s website manager, who did not respond. TechCrunch independently confirmed the vulnerability and also reached out to the West Bengal government, which pulled the website offline, but did not return our requests for comment.

TechCrunch held our report until the vulnerability was fixed or no longer presented a risk. At the time of publication, the affected website remains offline.

It’s not known exactly how many COVID-19 lab results were exposed because of this security lapse, or if anyone other than Majumder discovered the vulnerability. At the time the website was pulled offline at the end of February, the state government had tested more than 8.5 million residents for COVID-19.

West Bengal is one of the most populated states of India, with about 90 million residents. Since the start of the pandemic, the state government has recorded more than 10,000 coronavirus deaths.

It’s the latest of several security incidents in the past few months to hit India and its response to the coronavirus pandemic.

Last May, India’s largest cell network Jio admitted a security lapse after a security researcher found a database containing the company’s coronavirus symptom checker, which Jio had launched months earlier.

In October, a security researcher found Dr Lal PathLabs left hundreds of spreadsheets containing millions of patient booking records — including for COVID-19 tests — on a public storage server that was not protected with a password, allowing anyone to access sensitive patient data.

Send tips securely over Signal and WhatsApp to +1 646-755-8849. You can also send files or documents using SecureDrop.

Read original article here

World

Ingraham: Big Tech, Big Business and BLM exposed as ‘unholy trinity’ behind Biden win

Leave a comment

A bombshell report by Time magazine Friday proves the existence of “a real and vast conspiracy to unseat” former President Donald Trump, Laura Ingraham claimed Friday. 

In describing the report by Time national political writer Molly Ball, “The Ingraham Angle” host focused on what she called an “unholy trinity” of anti-Trump forces. 

“First is Big Tech,” she said. “It’s no secret that Facebook’s Mark Zuckerberg and Twitter’s Jack Dorsey are rabid leftists and supported Biden.”

That support, Ingraham argued, was most obvious when Facebook and Twitter limited circulation of the New York Post’s reporting on documents detailing Hunter Biden’s overseas business interests that were recovered from a misplaced laptop. 

TIME REPORT TOUTS ‘CABAL OF POWERFUL PEOPLE’ BEHIND ‘SHADOW CAMPAIGN’ TO SHAPE 2020 ELECTION

“A poll from November found that 4.6% of Biden voters would not have voted for him had they been aware of the Hunter Biden scandal,” said the host. “Biden only beat Trump by 4.4% of the vote.”

“Of course,” Ingraham added, “we can’t leave out the fact that Zuckerberg was key to realizing mass mail-in balloting. He donated $300 million to local election offices and the liberal activists masquerading as nonpartisan voter educators. They expanded vote by mail and enrolled millions of voters.”

The second part of the trinity, she continued, was Black Lives Matter, who Ingraham described as “loyal Biden foot soldiers.”

The third anti-Trump force in the trinity, is Big Business, Ingraham said. She noted that the ostensibly pro-business U.S. Chamber of Commerce backed 23 vulnerable Democratic House freshmen last year, 18 of whom are on record supporting a $15 minimum wage.

“The Chamber’s overture to pro-union Dems may have been greasing the skids for what came next: Time reports that a week before Election Day, AFL-CIO adviser Mike Podhorzer received an unexpected message: The U.S. Chamber of commerce wanted to talk,” the host explained.

“They began to discuss a joint statement pledging the organization’s shared commitment to a fair and peaceful election.”

However, the real reason for the meeting, Ingraham argued was to ensure “access to cheap foreign labor and endless streams of people coming across the border.”

CLICK HERE TO GET THE FOX NEWS APP

“Trump kept labor markets tight by clamping down on work visas and securing our border,” she continued. “That was great for American workers. The Chamber of Commerce hated it.”

“Democrats have control [of Washington] at least two more years, “Ingraham concluded. “The more we learn about how they got there and the more we see the disastrous results of their policies in this collaboration, the easier it will be to end that control and give it back to those of us that want to empower Americans; not just manipulate them.”

Read original article here

World

New Zealand virus quarantine flaw exposed

Leave a comment

WELLINGTON, New Zealand (AP) — The woman who took a flight back to New Zealand was supposed to avoid all physical contact with others for 14 days as she went into mandatory quarantine. The man working at the quarantine hotel was supposed to be the last line of defense.

But the two started passing notes to each other, including one written on the back of a face mask. Then she ordered a bottle of wine, which he delivered to her room. When he didn’t return 20 minutes later, a security manager sent to investigate found the pair together in what authorities are describing as an inappropriate encounter, one in which physical distancing wasn’t maintained.

The incident earlier this month, which came to light Friday, has highlighted a very human weak point in New Zealand’s coronavirus elimination procedures, in a country which has stamped out community spread of the virus. It is similar to lapses in Australia that may have contributed to a major outbreak last year in Melbourne.

“We’re dealing with human beings,” said COVID-19 Response Minister Chris Hipkins. “We ask everybody to adhere to the standards that we put in place. I cannot control the actions of every individual.”

Hipkins said the pair’s behavior was totally unacceptable and he’d asked for a thorough inquiry.

Brigadier Jim Bliss, the head of managed isolation and quarantine, said the worker was immediately sent home and told to self-isolate. He was later fired. The returning traveler, meanwhile, was given a formal written warning by the police. Authorities breathed a sigh of relief after both returned negative coronavirus tests.

“The actions of the two people involved in this incident are incredibly irresponsible and extremely disappointing,” Bliss said. “There is absolutely no room for complacency.”

Bliss said the actions of the staffer at the Grand Millennium Auckland hotel weren’t reflective of the 4,000 people working at quarantine hotels who each day “selflessly put themselves between us and this virus.” He said an investigation is underway to consider whether additional security measures are needed.

The identities of the two people involved have not been disclosed by authorities.

New Zealand’s successful response has resulted in just 25 people dying from the virus in a nation of 5 million. The only new cases are those originating from returning travelers, 100,000 of whom have flown in over the past year. Authorities and people around the country remain highly tuned to any breaches at the border.

Read original article here