Gavin Lesnick reports: UAMS is notifying about 1,500 patients that a former resident doctor who was fired in 2010 improperly kept medical records containing some personal information. The hospital said in a statement that the doctor violated policy when she kept documents containing information including patient names, partial addresses, medical record numbers, dates of birth,…
Month: November 2012
CA: Cyber Hacker Steals Credit Card Numbers From EJ Phair Customers
Emily Henry reports: Customers of Concord’s EJ Phair Brewing Company may have noticed some unusual charges on their bank statements recently, ranging anywhere from a $700 fee at Staples in Washington state to a couple of bucks at a McDonald’s in Nevada. The cause of those unexplained charges has been discovered as the work of a sophisticated…
Documents + unattended vehicles = yes, again
Karen Dillon reports that mortgage loan documents from Pulaski Bank that included applicants’ tax returns and other sensitive information were stolen from an unattended vehicle in September. The documents had reportedly been stolen from a loan official’s car while it was parked at a gym. This type of breach is certainly not new… I’ve been covering…
Sourcefire laptop with employee data stolen
Sourcefire has had a breach that is probably a bit embarrassing for a company known for security solutions. It seems a company laptop with employees’ Social Security numbers was stolen on November 6, and according to their notification letter to the New Hampshire Attorney General’s Office, the laptop was (only?) “password-protected.” Their letter didn’t…
Follow-up on the Gulf Coast Health Care Services breach
Back on November 10, I noted that HHS’s breach tool had added an entry for Gulf Coast Health Care Services: Gulf Coast Health Care Services in Florida suffered a network compromise on August 17 that reportedly affected 13,000 patients. The incident was reported to HHS as “Theft, UnauthorizedAccess/Disclosure, Hacking/IT Incident”,Network Server. I commented at the…
Follow-up: Brighton and Sussex University Hospitals NHS Trust data breach fine reduced for timely payment
In June, Brighton and Sussex University Hospitals NHS Trust were hit with a £325,000 monetary penalty for a data protection breach. Rebecca Todd reports that they ultimately paid £260,000, a 20% “savings” for prompt payment that is offered to those being fined.