Joseph Conn reports: There is some good news on the healthcare data-breach front. According to data compiled on the larger breaches of patient-identifiable medical records reported to HHS’ Office for Civil Rights, 2012 is on track to record fewer breaches than any full year since the American Recovery and Reinvestment Act of 2009 required such…
Month: November 2012
Delayed breach notification letter from law firm raises more questions than it answers (updated)
Here’s another notification letter submitted to the California Attorney General’s Office that left me scratching my head. It’s from the law firm of Sprechman & Associates, P.A. in Miami, a firm that specializes in collections. My comments and questions are inserted in italics: Dear XXXXXX: I am writing to advise you that your personally identifiable information…
Couple Stole the Identities of Doctors Who Applied for Fellowships at Johns Hopkins Hospital and Patients at Highlandtown Community Health Center
Another scheme involving insider breaches comes to light in Baltimore. The U.S. Attorney’s Office in Maryland reports: Ringleader Derrick Hill, age 52, and his girlfriend Renee Cabell, age 51, both of Woodlawn, Maryland, pleaded guilty to conspiring to commit wire fraud and aggravated identity theft. According to their plea agreements, from August to October, 2009,…
OH: Boardman dermatologist reports potential patient ID theft
Because of the number of patients involved, we won’t see this on HHS’s breach tool, but it serves as a useful reminder that the risk of ID theft is everywhere, still: A dermatologist at 755 Boardman Canfield Road told police someone forced open a box that holds lab specimens outside the rear door of his…
Adobe investigates alleged customer data breach (updated)
Jeremy Kirk: Adobe said Wednesday it is investigating the release of 230 names, email addresses and encrypted passwords claimed to have been stolen from a company database. The information was released on Tuesday on Pastebin by a self-proclaimed Egyptian hacker named “ViruS_HimA.” The hacker, who claimed the database accessed holds more than 150,000 records, posted…
Agencywide Message to All NASA Employees: Breach of Personally Identifiable Information
SpaceRef posted a breach notification from NASA, dated today: […] On October 31, 2012, a NASA laptop and official NASA documents issued to a Headquarters employee were stolen from the employee’s locked vehicle. The laptop contained records of sensitive personally identifiable information (PII) for a large number of NASA employees, contractors, and others. Although the…