STEAM ROOM FOR ANGER
Comments
-
🤬🤬🤬
I just learned why they disabled images. A data safety org found BCO had our images exposed (possibly for years), but they didn't respond to notifications for over 5 months!
Here's the text. The safety org recommends filing a consumer complaint to the Pennsylvania Attorney General.
————
Breast Cancer Support Organization Leaks Data Despite Multiple Notifications?- May 3, 2022
- Dissent
Update: After posting this, tweeting this story, and getting retweets on it, it appears that as of late yesterday, the bucket was finally secured. Thanks to SafeyDetectives who kept re-checking the bucket and to everyone who tried to call attention to this to get the data locked down. DataBreaches did not get any acknowledgement or response from BreastCancer.org — at least not yet. DataBreaches has not changed its opinion that an investigation is needed to determine for how long these data were exposed, whether they were accessed and downloaded, and why BreastCancer.org failed to respond to multiple notifications over a period of five months.
SafetyDetectives recently reported that Breastcancer.org has been exposing sensitive information in a misconfigured AWS bucket. According to their report, exposed data included more than 50,000 registered user avatars and more than 300,000 post images with EXIF data.
Some post images featured sensitive content that felt as though it was intended for private viewing. For example, there were results from medical tests and images of nudity (most likely taken for medical purposes) included among the files — contents that a user would not typically post publicly.
The data may have been exposed for years.
Read more on SafetyDetectives.
One point that wasn't clear from SafetyDetectives' report was whether the bucket had been secured. SafetyDetective started reaching out to BreastCancer.org in November of 2021. They describe their multiple efforts but no outcome was reported. DataBreaches reached out to SafetyDetectives and received the following reply:
… unfortunately the bucket is still unsecured, we tried reaching the organization several times to different email addresses (including their privacy email, CEO, and basically all the people on their about page), we even reached out via social media (we tried reaching them publishing a post, because they don't accept private messages), but they haven't reply back. We reached out to the US CERT but they didn't reply and AWS did reply, but the thing is that they cannot actually secure the bucket, but to tell the owner that they need to secure it.
We published our report hoping that they would reach out to us to secure it but they haven't gotten back to us yet.So more than 5 months after responsible disclosure attempts began, the bucket was still unsecured. DataBreaches reached out to BreastCancer.org through their website contact form, and like SafetyDetectives, got no reply.
DataBreaches left them a second message on their site telling them that we would be reporting in 48 hours and to lock down their data. There was no reply and the bucket was not secured.
At 8:00 am this morning, DataBreaches left a voicemail on their office phone. It reiterated that people had been notifying them for months but they had failed to lock down their Amazon storage bucket and that DataBreaches would be reporting on it this afternoon.
Still nothing, it seems.
The organization's privacy policy page contains this statement:
How We Protect Your Information
We use reasonable and appropriate administrative, technical, and physical safeguards to protect the information that we have about you from loss, theft, and unauthorized use, access, modification, or destruction. We also require third-party service providers acting on our behalf or with whom we share your information to maintain security measures in accordance with industry standards.
Although we have security safeguards in place, we cannot guarantee absolute security in all situations. If you have any questions about our security practices, please contact us as described in the "Contact Us" section. For your own security, please do not send any confidential personal information to us outside of our Services. It is also important that you maintain the security and control of your account credentials, and not share your password with anyone.Except that they don't respond to contacts.
Pennsylvania regulators need to look into both the lack of security and BreastCancer.org's failure to respond to repeated notifications that they were exposing personal and sensitive information.
If you wish to contact the Pennsylvania Attorney General's Office to file a consumer complaint, you can find information and an online complaint form linked from here.
If anyone has a contact at BreastCancer.org or has influence with them, perhaps you could reach out, contact them, and tell them to lock down all that sensitive information already!
And if you ever used their site and shared personal and/or sensitive data, perhaps you should contact them and demand that they secure your data.
-
All those idiots out there seem to have nothing better to do than mess with cancer patients. It is so stupid. They need to get a life and leave us to try to get on with our lives the best we can.
-
It’s BCO that caused this mess. Thought they were a cancer support organization???
-
BCO, we're waiting for a response!
-
On the glitches thread, they’ve posted the usual horse crap.
-
ladies and gents, it’s the internet, nothing is secure, nor has it ever been. Don’t blame these things on BCO. Today is my first visit in over 4 weeks, mostly because of the websites failed updates. Sadly all great things come to an end, as with our BCO. But there will be something new come along. Also sad, with BCO some of us have lost a great community, which will never come back. I miss everyone but I get that things change, times change, technology changes. The BCO change was sudden, unexpected and continues to be poorly handled. It is what it is. And that’s is sad.
-
molliefish, I've now lived long enough (I'm 75) that I get what my grandmother told me...nothing stays the same. It didn't make sense to me then and now I get it. That doesn't mean its not a tremendous loss on so many, many levels. I don't know what I would do if I were on the Stage IV boards. Nor would I know what to do if I progressed to Stage IV and where would I go?
-
If back in January BCO had made an announcement (given notice) like "We're sorry to inform you that BCO is no longer able to administer member forums and as of March 1st we will with great regret be closing the forums." Or similar...We would have moved on and been sad. We would have had time to make arrangements with connected members/friends. Instead they have done what they are doing and the sadness has had rage, incredulity and actually deep hurt at the disrespect given to members piled on.
I
-
I'm still here. I don't like the changes, but without my friends here, I'd be lost! Wrenn, I had a moment of panic when I read your post, thinking that BCO was closing the forums. At this point with Stage IV, I come here often for support, laughter and of course this Steam Room for Anger. You ladies all make my day.
Carol
-
I'm so pissed off right now. I'm sick with some type of cold like virus (COVID test was negative) because someone I trusted was not forthcoming with me. I've been so incredibly careful these past two years of this pandemic, wearing an N95 mask everywhere crowded or indoors and around all but a few select, trusted family members and this previously trusted friend, because when I get sick, even pre chemo when my WBCs were generally higher, I tend to get very sick, due to other health issues and bad genetics, and I'm so tired of people not understanding that.
I'm not the person who can push through influenza and go about their day with the help of Tylenol and Robitussin. I'm the person who get's stuck in bed for two weeks with a fever Tylenol can't get below 102F and then two weeks after I recover I either relapse or develop pneumonia and am stuck in bed for another two weeks with fevers that can approach 104F. And this happens every single time.
I don't think I currently have influenza but I still feel horrible and it has completely upended my plans. I had to cancel belated mother's day plans with my mother, will have to reschedule a dentist appointment for a sensitive tooth that I've been waiting over a month for, and might have to reschedule my lupron injection and also the MRI and presurgical consultation for the hysterectomy I need due to concerning uterine issues that are potentially a result of the Tamoxifen I had previously been on.
And this all could have been avoided if someone had just told me they had cold like symptoms before coming in to my space.
-
wc3, I'm SOOOO sorry! It's unbelievable that someone would knowingly put you at risk for such severe consequences. I'm sorry you're sick, I'm sorry you're having to reschedule all of your appointments (especially the hysterectomy) and all the rest.
I hope you start recovering very soon.
(((hugs)))
Carol
-
I feel for all the Stage IV people here. I know hard it is with other issues we deal with and testing and going through treatment and follow up on early stages and then worries about it coming back again The support of people here has made a big difference to me I know and I keep you all in thoughts every day even if I do not post.
-
bcincolorado, thank you. I'm really sad that things here are going so badly. We all get used to each others stories. I'm always interested in hearing what's happening with you as well....
-
Why was the glitches thread shut down?
ETA. It's back.
-
Something got corrupted on those last 2 pages . I was able to add posts to get to a new clean page.
-
Once again, though I am not a suspicious person , I just tried to access the glitches thread and got the error message. I may need to stay away from bco so that I can maintain my usual non-suspicious sunny nature. I would hate to think that a support forum caused me to devolve into a suspicious old lady. No insult to suspicious old ladies but that is not in my nature and I don’t want it to be!
-
Click on the last page. That should work.
-
P/A
signed, old lady
-
exbrnxgrl - It might have been one of my posts in trying to help Alice that corrupted the pages . I copied a block of text to start a new topic. Normally I would take a screenshot. 🙄
I assume mistake before corruption.
-
If you’re still getting an error on the glitches thread, it may be that you’re getting sent to the first unread post on one of the corrupted pages. Here’s a link that should work :
https://community.breastcancer.org/forum/93/topics/787232?page=375#post_5750583
-
We have zero intention of closing the community. We are working toward a MUCH improved platform, and fix. We're so sorry for everything you've experienced.
-
Mods- When can we expect the "MUCH improved platform"???????????????
-
Mods- you might keep a forum platform, but the lack of available information & support from our "sisters" is what has destroyed the site. Molliefish, a few hours ago was correct, BCO as we knew it is over. 2 months you've wasted our time and taken away our reason to come here. Your tech disaster became our problem and maybe we should just "let it go". If we are interested in 6 months, maybe some can restart....for those of us stage 4 that can seem too farout for help.
-
Rant on family members who feel they just impose on you for everything even if you really do not feel up to doing the things you did before. They want to see you as you were and not as how you are and do not see how it is a struggle some days to get through the day.
-
nopink2019 and all you other ladies, ever since this forum changed "for the better" I haven't been happy with it (an understatement) and now a data breech? I'm just catching up on the news...was sick with covid. Haven't been that sick in a very long time. Still don't feel good but am better. It's warmed up so at least Ican be outside. Idk if I want to stay on this forum
-
Kid1919 - Real sorry to hear that you've been dealing with Covid. I got it too about a month ago, and only today, am I having what I would call a "normal" day. It has been almost a month for me! Hang in there, it does seem to finally get better. My case wasn't real bad, but it's been real persistent, and I'd had all the vaccinations, booster, wear a mask everywhere, and hardly go anywhere. It is no fun.
I also agree about the forum. I too have been here much less due to the abominable disaster it has become, and then the Covid. The data breach on top of the original mess; unbelievable. They really need to get some people up at the top who know what they are doing.
Again, wishing you all the best with your Covid recovery.
-
Sunshine99:
Thank you Carol! The core issue seems that a lot of people, my friend included, tend towards denial when they are sick with cold like symptoms if the syptoms are mild or just beginning. My mother does this. All sore throats are because she slept with her mouth open facing the fan. But really, it has never been because of the fan.
-
Exactly, wc3. Even if they said, "Hey, I'm probably OK, but I THINK I might be coming down with a little bug," you'd be able to take measures to further protect yourself - like staying away from them. I get the denial. I don't want to overblow every little symptom, but we - and especially you - need to stay hyper-aware of bugs that could kill us!
-
Hate all the covid and the problems it is causing. We are trapped in our house due to immune issues. Go to doctor appointments and that is it pretty much. Masking and distancing anyway there. Cancer has taken so much from our lives already and and cna't even travel we feel. So sad.
-
After my follow up the other day, I looked at the notes this morning. I learned that according to some scale my high risk of bc is 65%! Is that bad? I knew it was over 20% being high risk but this is the first time I've seen an actual number. It is what it is and not a darn thing I can do about it really. Hope to get back down the bay cottage this weekend to work and keep my mind off things. The 24th of May is 2 years since hubs passed. I took a vacation day for that.
Stay well and strong! Enjoy the weekend!
Categories
- All Categories
- 679 Advocacy and Fund-Raising
- 289 Advocacy
- 68 I've Donated to Breastcancer.org in honor of....
- Test
- 322 Walks, Runs and Fundraising Events for Breastcancer.org
- 5.6K Community Connections
- 282 Middle Age 40-60(ish) Years Old With Breast Cancer
- 53 Australians and New Zealanders Affected by Breast Cancer
- 208 Black Women or Men With Breast Cancer
- 684 Canadians Affected by Breast Cancer
- 1.5K Caring for Someone with Breast cancer
- 455 Caring for Someone with Stage IV or Mets
- 260 High Risk of Recurrence or Second Breast Cancer
- 22 International, Non-English Speakers With Breast Cancer
- 16 Latinas/Hispanics With Breast Cancer
- 189 LGBTQA+ With Breast Cancer
- 152 May Their Memory Live On
- 85 Member Matchup & Virtual Support Meetups
- 375 Members by Location
- 291 Older Than 60 Years Old With Breast Cancer
- 177 Singles With Breast Cancer
- 869 Young With Breast Cancer
- 50.4K Connecting With Others Who Have a Similar Diagnosis
- 204 Breast Cancer with Another Diagnosis or Comorbidity
- 4K DCIS (Ductal Carcinoma In Situ)
- 79 DCIS plus HER2-positive Microinvasion
- 529 Genetic Testing
- 2.2K HER2+ (Positive) Breast Cancer
- 1.5K IBC (Inflammatory Breast Cancer)
- 3.4K IDC (Invasive Ductal Carcinoma)
- 1.5K ILC (Invasive Lobular Carcinoma)
- 999 Just Diagnosed With a Recurrence or Metastasis
- 652 LCIS (Lobular Carcinoma In Situ)
- 193 Less Common Types of Breast Cancer
- 252 Male Breast Cancer
- 86 Mixed Type Breast Cancer
- 3.1K Not Diagnosed With a Recurrence or Metastases but Concerned
- 189 Palliative Therapy/Hospice Care
- 488 Second or Third Breast Cancer
- 1.2K Stage I Breast Cancer
- 313 Stage II Breast Cancer
- 3.8K Stage III Breast Cancer
- 2.5K Triple-Negative Breast Cancer
- 13.1K Day-to-Day Matters
- 132 All things COVID-19 or coronavirus
- 87 BCO Free-Cycle: Give or Trade Items Related to Breast Cancer
- 5.9K Clinical Trials, Research News, Podcasts, and Study Results
- 86 Coping with Holidays, Special Days and Anniversaries
- 828 Employment, Insurance, and Other Financial Issues
- 101 Family and Family Planning Matters
- Family Issues for Those Who Have Breast Cancer
- 26 Furry friends
- 1.8K Humor and Games
- 1.6K Mental Health: Because Cancer Doesn't Just Affect Your Breasts
- 706 Recipe Swap for Healthy Living
- 704 Recommend Your Resources
- 171 Sex & Relationship Matters
- 9 The Political Corner
- 874 Working on Your Fitness
- 4.5K Moving On & Finding Inspiration After Breast Cancer
- 394 Bonded by Breast Cancer
- 3.1K Life After Breast Cancer
- 806 Prayers and Spiritual Support
- 285 Who or What Inspires You?
- 28.7K Not Diagnosed But Concerned
- 1K Benign Breast Conditions
- 2.3K High Risk for Breast Cancer
- 18K Not Diagnosed But Worried
- 7.4K Waiting for Test Results
- 603 Site News and Announcements
- 560 Comments, Suggestions, Feature Requests
- 39 Mod Announcements, Breastcancer.org News, Blog Entries, Podcasts
- 4 Survey, Interview and Participant Requests: Need your Help!
- 61.9K Tests, Treatments & Side Effects
- 586 Alternative Medicine
- 255 Bone Health and Bone Loss
- 11.4K Breast Reconstruction
- 7.9K Chemotherapy - Before, During, and After
- 2.7K Complementary and Holistic Medicine and Treatment
- 775 Diagnosed and Waiting for Test Results
- 7.8K Hormonal Therapy - Before, During, and After
- 50 Immunotherapy - Before, During, and After
- 7.4K Just Diagnosed
- 1.4K Living Without Reconstruction After a Mastectomy
- 5.2K Lymphedema
- 3.6K Managing Side Effects of Breast Cancer and Its Treatment
- 591 Pain
- 3.9K Radiation Therapy - Before, During, and After
- 8.4K Surgery - Before, During, and After
- 109 Welcome to Breastcancer.org
- 98 Acknowledging and honoring our Community
- 11 Info & Resources for New Patients & Members From the Team