An old database that seems to have magically reappeared online more than a decade after it was removed reminds us of an often-overlooked risk. In January, DataBreaches.net reported that a behavior intervention therapist’s database was exposed online due to a misconfigured MongoDB installation. What struck me about the incident was that the therapist likely had no idea that a company she had…
Month: September 2016
CA: Anesthesiologist notifies patients after PHI wound up in a trash container
Anesthesiologist Pratap S. Kurra, M.D., is notifying some of his patients whose protected health information was found to have been discarded improperly on August 8. In a template of the notification letter uploaded to the California Attorney General’s web site, Dr. Kurra writes: On August 9, 2016, I was informed that papers related to my…
RI: University Gastroenterology notifies patients of ransomware attack
University Gastroenterology is notifying patients after what sounds like a ransomware attack. In a notice on their web site, they write that on July 11, 2016, they discovered that an unauthorized individual had gained access to an electronic file storage system from a practice they had acquired in 2014, Consultants in Gastroenterology, and encrypted several files….
CA: Yuba-Sutter Medical Clinic discloses August ransomware attack
Yuba-Sutter Medical Clinic is notifying patients after a ransomware attack on August 3. Fortunately, the center was able to regain access relatively quickly and no data were lost, although they acknowledge that they did experience some delays in accessing internal information and patient information while they worked to regain access. As far as they can…
UK: Canary Wharf computer hacker jailed for stealing thousands of pounds in gold
Francesca Gillett: A thief has been jailed after he stole thousands of pounds worth of gold by hacking into a company computer system from his Canary Wharf home. Adam Penny, 25, hid one of his laptops in the toilet at his lavish apartment in a bid to stop detectives discovering his operation. The hacker stole…
Mom Says For-Profit School Stole Her Identity
John Brackin reports: The mother of a student attending Fortis Institute in Birmingham, Ala., claims in court that the for-profit school used her personal information to fraudulently charge her for a student loan. Julie Rogers, a resident of Jefferson County, Ala., sued Fortis on Tuesday, along with its parent organization Education Affiliates LLC, in Northern…