Joseph Neff reports: Blue Cross and Blue Shield of North Carolina periodically shares the private personal and health information of hundreds of thousands of clients with a third-party company that designs the insurance company’s software system, documents and interviews show. Internal documents obtained by The News & Observer reveal an ongoing discussion within Blue Cross…
Month: July 2013
Sony Italy Hacked, Over 40k Personal Details Leaked
Turkish Ajan hacker group has today announced a leak of data from the official Italian Sony website. The announcement has come from the official @TurkishAjan twitter account and was announced a short time ago as a leak of accounts from the Italian based Sony website. > Sony Italy hacked (https://t.co/iGrmligcW5) ! 40k account leak. File: https://t.co/p2rbT0UgbN…
Six fired from Cedars-Sinai over patient privacy breaches
Anna Gorman and Abby Sewell report that five employees and a student research assistant at Cedars-Sinai Medical Center have been fired for inappropriately accessing 14 medical records in a one-week period last month. Four were employees of community physicians who have medical staff privileges at the hospital, one was a medical assistant employed by Cedars-Sinai, and…
Restaurant’s lawsuit against Micros Systems goes to trial Monday
Cotton Patch Cafe‘s lawsuit against Micros goes to trial in U.S. District Court in Baltimore on Monday. I had posted some of the background on this case back in July 2011, here. The restaurant sued Micros after it was hacked and customers’ credit card information was stolen. Now Gary Haber reports: The lawsuit alleges that…
Digging in their heels: Wyndham and LabMD challenge FTC’s authority in data security cases
Cross-posted from PHIprivacy.net: Adam Greenberg reports on two cases where businesses have challenged the FTC’s authority in data security cases. Although Wyndham’s challenge has been discussed in detail on DataBreaches.net (see these posts), I haven’t really described the LabMD case until now. In the LabMD case, the Atlanta Business Chronicle reported last year: The federal agency…
ICO fines NHS Surrey for failing to check the destruction of old computers
From the U.K. Information Commissioner’s Office: The Information Commissioner’s Office (ICO) has issued NHS Surrey with a monetary penalty of £200,000 after more than 3,000 patient records were found on a second hand computer bought through an online auction site. The sensitive information was inadvertently left on the computer and sold by a data destruction company employed…