Opening statements were held today in FTC vs. LabMD, one of only two data security enforcement cases that have not resulted in a consent order to settle charges. FTC attorney Alain Sheer provided the overview of the FTC’s complaint, alleging that LabMD failed to have a reasonable and appropriate data security program. He was only just into his…
Month: May 2014
Additional details on Los Robles Hospital breach
On May 10, I had noted a breach involving Los Robles Hospital and Medical Center in Thousand Oaks, California. HHS’s public breach tool had indicated that an incident involving their business associate, Courier Express, had resulted in the notification of 2,523 patients. A hospital spokesperson kindly called me to respond to the e-mail inquiry I had…
Court Ventures/U.S. Info Search/Experian breach tied to more cases of ID theft
Trot on over to KrebsOnSecurity.com, where Brian’s connecting the dots between a number of criminal prosecutions and Ngo, the Vietnamese national who posed as a Singapore investigator to get a Court Ventures account that gave him access to reports in U.S. Info Search’s database. Experian subsequently acquired Court Ventures, and Ngo’s account was allowed to continue…
The MCCCD breach: Breach costs now approach $20 million
Mary Beth Faller reports that breach costs for the Maricopa County Community College District (“MCCCD”) breach continue to rise: The Maricopa County Community College District governing board has approved an additional $2.3 million in lawyers’ fees to deal with the computer-security breach that occurred last year. The board also approved spending $300,000 to deal with…
UK: University of Nottingham mistakenly sends e-mail containing personal details of job applicants
Marcus Boocock reports: Confidential details of thousands of job applicants were mistakenly sent via e-mail by the University of Nottingham. An attachment sent to users of the university’s job site contained the names of 4,751 people who had applied for a job there. It also listed whether they had been successful. A spokesman for the…
MO: Medical records found blowing in wind outside Research Hospital
Garrett Haake reports: At least several dozen, but possibly hundreds, of confidential medical records were scattered to the winds outside Research Hospital on Monday afternoon, potentially exposing the personal and medical information of scores of former patients of Midwest Women’s Healthcare. […] The man collected some 70 patient records and provided them to 41 Action…