Data Breach at Drug Screening Lab
A configuration error has caused a prolonged data breach at a Florida County’s drug screening laboratory.
The security incident occurred at St. Lucie County’s Drug Screening Lab (SLC Lab), which supplies drug testing services for employment, court cases and other purposes.
In a statement released January 20 2022, County leaders said that a misconfiguration detected in the lab’s website portal had inadvertently made some of the portal users’ personal data accessible for more than four years.
“Upon learning of this issue, SLC Lab corrected the misconfiguration and immediately launched an investigation in consultation with outside cybersecurity professionals who regularly investigate and analyze these types of incidents,” said the officials.
“SLC Lab devoted considerable time and effort to determine what information may have been accessible to unauthorized users.”
A digital forensic investigation was launched to determine what data had been exposed by mistake.
The County said: “SLC Lab discovered on December 28 2021 that the website portal misconfiguration allowed for data to be accessible to certain portal users between June 2 2017 and October 13 2021.”
Data exposed in the incident included full names and one or more of the following: Social Security numbers, dates of birth and limited lab test type and result information.
“To date, SLC Lab is not aware of any reports of identity fraud or improper use of any information as a direct result of this incident,” said the County.
On January 20, the lab began notifying affected individuals of the security incident by letter and encouraging them to enroll in complimentary credit monitoring services. County leaders did not state how many residents of St. Lucie County may have had their data compromised.
St. Lucie County spokesman Erick Gill told WPTV that the mistake impacted no other data in the care of the county.
“SLC Lab is committed to maintaining the privacy of personal information in its possession and has taken many precautions to safeguard it,” said Gill.
He added: “SLC Lab continually evaluates and modifies its practices to enhance the security and privacy of the personal information it maintains.”
More Stories
Deepfake Defense: Your 8-Step Shield Against Digital Deceit
A disturbing story out of western Spain spotlights challenges of technological evolution. Unwitting children and teenagers were victims of users...
Friday Squid Blogging: Influencer Accidentally Posts Restaurant Table QR Ordering Code
Another rare security + squid story: The woman—who has only been identified by her surname, Wang—was having a meal with...
Safer AI: Four Questions Shaping Our Digital Future
Depending on the day’s most popular headlines, AI is either a panacea or the ultimate harbinger of doom. We could...
UK and US expose Russian hacking plot intended to influence UK’s 2019 elections and spread disinformation
Two men have been charged with hacking into computer networks in the United States, UK, other NATO countries, and Ukraine,...
New Bluetooth Attack
New attack breaks forward secrecy in Bluetooth. Three. news articles. The vulnerability has been around for at least a decade....
ICO Warns of Fines for “Nefarious” AI Use
UK privacy regulator, the information commissioner, says illegal use of AI will be punished with fines Read More