Update: This incident actually was a phishing incident, and The Telegraph‘s story now reflects that, so I’m adding this one to the 2017 victims list. Originally, their story sounded like a straight-up hack. Their story now reads: The Alton steel company’s data system was victim to a “phishing expedition,” according to Alton Steel CEO Jim…
Month: February 2017
Multnomah County notified 1,700 patients after discovering employee was forwarding emails to personal account
From Multnomah County, Oregon: January 20, 2017 On August 24, 2012, a Health Department employee began automatically forwarding all emails received in the employee’s county email account to a personal Google email account not maintained by the county. Some of these emails included protected health information (PHI) subject to the Health Insurance Portability and Accountability…
Sports Direct hacked last year, but still hasn’t told its staff of data breach?
Alexander J. Martin reports: Sports Direct has left its 30,000-strong workforce in the dark over a data breach in the autumn when a hacker accessed internal systems containing staffers’ personal information. The Register can reveal the UK’s largest sports retail business was the subject of a digital break-in during September, when an attacker exploited public vulnerabilities…
Five months after learning of problem, Michigan cancer treatment provider notifies 22,000 patients
On October 21, 2016, Singh & Arora Oncology Hematology PC in Michigan notified HHS of a hacking incident that they reported impacted 16,000 patients. Today, we learn that 22,000 patients are first getting notification letters this week. Why has it taken more than three months since HHS was notified for patients to be notified? Jessica Dupnack reports: According to the letter, one of…
Small Milwaukee publisher sues to stop misrouted medical faxes putting him at risk
Jim Stingl reports: If you fax private medical information to a health management company in Ohio, you don’t expect it to arrive instead at a small publishing firm in Milwaukee. Well, surprise! That’s exactly what has been happening since the summer of 2015. Craig Berg, owner of Moose Moss Press, has tried to make it stop, but the wayward…
Isis-linked hackers attack NHS websites to show gruesome images from Syrian civil war
Kim Sengupta reports: Islamist hackers linked to Isis carried out an attack on a series of NHS websites in a cyber-attack exposing serious flaws in security systems meant to protect sensitive information, The Independent has learnt. Graphic, brutal images of violence from Syria’s war were put up on the sites by a group based in North Africa…