I will not link the bucket while still open here on Mastodon as the data in those would cause hurt to innocent people.
With great thanks to @masek and @JayeLTee and others who assisted or tried to, including Rogers ISP and law enforcement in Canada, we can finally say:
Bolton Walk-In Clinic patient data leak locked down!
Read about this very frustrating effort to get exposed patient data locked down:
https://databreaches.net/2025/06/30/bolton-walk-in-clinic-patient-data-leak-locked-down-finally/
#healthsec #PHIPA #HIPA #cybersecurity #infosec #incidentresponse #dataleak
PostMortem: Assumed DOJ Montana Leak of Phone Dumps
Type of leak
Highly confidential information on a public SMB share without authentication
Threats from the leak
I see the following threats:
1/4
Some wild things I found exposed recently that I am actively trying to close down:
1) 🇺🇸 Criminal Defense firm with archived case files exposed (evidence, discovery, court docs, etc) includes crash reports with dead people - Contacted the Law firm last week and nothing done.
2) 🇺🇸 Phone extracts for multiple cases that have been on the news, including a case of a cop suicide, sexual abuse cases - Looking at who to notify about this one, being extra careful as the file listing suggests illegal stuff gathered as evidence might be exposed on it.
3) 🇳🇿 A database backup with a table that includes someone's diary, with a lot of entries about their sexual life.
This backup also includes ~1,500 logins for a police association on other tables and credentials to multiple companies & websites - Contacted higher-ups in the police association for help identifying who is responsible, but so far, no reply.
Just a few more servers to add to the list of dozens of pending cases. Will start escalating contacts until stuff gets fixed.
#cybersecurity #infosec #responsibledisclosure #threatintel #readyouremail
If you ask: Where do cyber criminals get all their information?
I can answer you that...
For a cyber criminal it is important to know how much money (at least the order of magnitude) a potential victim has.
It would look bad if they try to cheat a poor bloke for some millions.
For that reason it is extremely nice (sarcasm) that a Colombian bank puts millions of documents about their customers (credit authorizations, creditworthiness reports, etc.) online WITHOUT any authentication or authorization required.
In order to fulfill their duty to the criminals of the world, they also put scans of the official ID cards of those citizens online too (of course both sides).
On some days I cannot eat as much as I want to throw up.
Such is life in #infosec
Currently I am busy with my contacts in Colombia to find someone to take care of that. It would be much easier if said bank would follow RFC 9116. But alas, no such luck.
I will name the bank once the leak is closed.
After I reported an open #s3 #bucket to the Duebi Group from Italy (https://www.duebigroup.com/) last November, the bucket was deleted yesterday. The bucket contained customer data such as telephone numbers, e-mail IDs and bank account numbers (IBAN) as well as names and clear text passwords.
I guess the Italian data protection authority did take care of them.
Why on earth do people still save clear text passwords?