I’ve been working on compiling some annual statistics for 2017 for Protenus. This will be their second year of publishing an annual report for U.S. breaches involving health data, and I think readers will find some surprises in the statistics. Sometimes numbers do not match our impressions. But as I was working on entering and…
Month: December 2017
Biometrics Won’t Solve Our Data-Security Crisis
Eduard Goodman of CyberScout writes: The history of proving one’s identity with official documentation dates back 600 years to the realm of King Henry V in England. Prior to that, your name and local reputation was pretty much all you needed to prove who you were. The Safe Conducts Act of 1414 created the first…
Cape Cod students affected by Medicaid billing vendor’s data breach
Cynthia McCormick reports on the resolution of a lawsuit stemming from a laptop theft in 2014. The breach was previously reported on this site: Hundreds of Cape Cod students — many with special needs — were put at risk of identity fraud and theft when a laptop was stolen from an employee of a billing…
Clarion U. students notified after employees fall for phishing attack
Ron Wilshire reports: Clarion University was notified of an email compromise that occurred because of a criminal phishing scam that compromised two email accounts in the registrar’s office. The unauthorized individual or individuals had access to the accounts between October 7 and October 10. “Clarion University is committed to data integrity and privacy protection,” said Communication Manager…
Glens Falls Hospital workers’ Social Security numbers and flu shot status released in internal email
Michael Goot reports on a breach involving hospital employees’ health information. In this case, the health information relates to a work issue, and Social Security numbers are also involved, but it’s still their health information that caught my eye. The names and Social Security numbers of Glens Falls Hospital employees who had not received flu…
Humanitarian data breaches: the real scandal is our collective inaction
Nathaniel A. Raymond, Daniel P. Scarnecchia, and Stuart R. Campo write: The news that a platform used by at least 11 major operational NGOs and UN agencies may be relatively easy to breach, potentially exposing the personal, location, and demographic data of tens of thousands of highly vulnerable people, is deeply disturbing but not surprising….