Yakov Shafranovich found a vulnerability that exposed patients’ prescription histories to others as long as the other(s) had their full name and date of birth: During the signup process, PillPack.com prompts users for their identifying information. In the end of the signup rocess, the user is shown a list of their existing prescriptions in all…
Month: May 2015
Baltimore police data dumped
I suppose we shouldn’t be surprised to see data from the Baltimore Police Department dumped in response to what’s gone on there. Email addresses and IPs plus a bit more information was dumped today.
Ca: Confidential medical records found abandoned
So HHS discloses a settlement with a pharmacy that did not properly dispose of patient records, and now we hear that a Canadian pharmacy has also failed to dispose of records properly. CTV reports: A discovery inside an apartment building’s recycling bin has one London man fuming, after private medical documents from a nearby pharmacy…
CA: Court orders hospital to release staff info following patient privacy breach
SanDiego6 reports: County USC-Medical Center must turn over the names and duties of all nurses and other medical personnel who treated a La Canada Flintridge woman who stuck pencils in her eyes in a suicide attempt as well as the identifications of staff supervisors, a judge ruled Thursday. The self-mutilated woman’s image was captured by…
Missouri high school student arrested on suspicion of hacking into school network
Heather Hourigan reports that a Fulton High School student has been arrested after hacking into the school’s computer system. The attack, allegedly by Austin Singleton, caused the network to go down for several hours, although personal information was reportedly not affected. Read more on ABC and KOMU. While the news stories focus on the student’s arrest, there’s…
A bit of hard luck hits Hard Rock Hotel & Casino customers
A statement from the Hard Rock Hotel & Casino, linked from their home page: The trust and loyalty of our customers is our highest priority, which is why, as a precautionary measure, we are writing to let you know of a security incident that may have affected your credit card information. This incident may have…