Some job applicants are first learning about the May, 2018 JobScience breach....
In November, 2018, this site noted a breach disclosed by Huntsville Hospital involving JobScience, Inc., a vendor providing online job application services. On November 10, we reported that other...
View ArticleThousands of health records and doctor’s notes were exposed daily
Zack Whittaker reports: A health tech company was leaking thousands of doctor’s notes, medical records, and prescriptions daily after a security lapse left a server without a password. The little-known...
View ArticleZOLL notifying 277,319 patients of vendor data exposure incident
ZOLL Medical Corporation, an Asahi Kasei Group Company, develops and markets medical devices and software solutions. A press release on March 18 described an incident that impacted what they describe...
View ArticleFormer NSA contractor accused of largest security breach in US history...
Kevin Collier reports: A former National Security Agency contractor accused of the largest security breach in US intelligence history is expected to plead guilty on Thursday, his lawyer told CNN....
View ArticleAnd speaking of refusals to reimburse for breaches….
I don’t have access to the full article, but Law360 is reporting that: CVS Can’t Recoup $1.8M Info Disclosure Penalty From Printer A printing company that contracted with CVS to mail benefit letters to...
View Article24K Cremation Society of Pa. customers notified of possible loss of personal...
Steve Marroni reports: The personal information of more than 24,000 clients of the Cremation Society of Pennsylvania may have been compromised. While officials do not believe any identities have...
View ArticleLansing woman deals with data breach aftermath – but is it really from that...
WILX reports: About six months ago, a medical billing company was hacked and patients information was compromised. One Lansing woman says she’s still dealing with the aftermath. Joanne Fink says she’s...
View ArticleMO: Burrell Behavioral Health notified more than 67,000 patients whose ePHI...
On March 29, Burrell Behavioral Health published a news release about an unnamed business associate accidentally exposing ePHI of more than 67,000 patients back in August, 2018. Burrell’s notification,...
View ArticleUK: Law Firm Launches $6.5 Million Action Against Ticketmaster Over Data Breach
Richard Smirke reports: A British law firm has launched a £5 million ($6.5 million) legal action against Ticketmaster following last year’s security breach, which is believed to have affected up to...
View ArticleAccounting firm notifies clients affected by Citrix Shareful incident
In December, 2018, Citrix forced a password reset for some of its clients due to what appeared to be a credential stuffing attack against ShareFile. But did some customers first find out about it...
View ArticleUpdate on Meditab breach
On March 19, this blog linked to a TechCrunch report about an improperly secured Meditab fax server that potentially allowed fax images with patient information to be accessed from an analytics portal....
View ArticleGreek DPA Issues EUR 30,000 Fine For Data Protection Violation by Hellenic...
Hunton Andrews Kurth writes: On April 15, 2019, the Greek Data Protection Authority (“DPA”) fined Hellenic Petroleum S.A. EUR 20,000 for unlawful processing of personal data and EUR 10,000 for failing...
View ArticleInmediata Health Group notifies covered entities’ patients after exposure of...
From their press release: Inmediata Health Group, Corp. (“Inmediata”) recently became aware of a data security incident that may have involved the limited personal and medical information of some of...
View ArticleIn the process of notifying patients of a web exposure breach, Inmediata...
Reading the comments under the Inmediata press release is like watching a train wreck happen right in front of you. Many people are reporting that they have received multiple notification letters from...
View ArticleHackers Snatch and Try Unsuccessfully to Ransom Data from IT Service...
Joseph Cox reports: Hackers have broken into an internet infrastructure firm that provides services to dozens of the world’s largest and most valuable companies, including Oracle, Volkswagen, Airbus,...
View ArticleMichigan investigating the Inmediata breach
Michigan’s Attorney General is aware of the Inmediata breach and its incident response cock-up that has been reported on this site. People have been complaining here and some have called the state to...
View ArticleSpectrum Health Lakeland notifies patients after billing vendor breach
I’m not finding anything on their web site just yet, but Spectrum Health Lakeland has reportedly been notifying patients about a breach involving their billing provider, OS Inc. WSJM reports that the...
View ArticleVendor used by schools to register students for AP and PSAT exams left...
A school contractor that provides online registration so students can sign up for AP and PSAT exams misconfigured their cloud storage, exposing students’ and parents’ personal information. A number of...
View ArticleAmerican Medical Collection Agency breach impacted 200,000 patients – Gemini...
A data breach involving a medical collection agency affected more than 200,000 patients who had used the firm’s online payment portal between September, 2018 and the beginning of March, 2019. At the...
View ArticleNumbers from the OS, Inc. breach dribble in…
OS, Inc. provides revenue management (billing) services to covered entities. I recently reported on a phishing-related breach they experienced in 2018 that was first disclosed this month. As I noted in...
View Article