Matt Discombe reports: Private patient data held by Gloucestershire hospitals was mistakenly uploaded to a server in the USA due to problems with its new electronic record system. Information on 56 patients held by Gloucestershire Hospitals NHS Foundation Trust had been erroneously copied onto the server in October. The records, which included ‘identifiable sensitive data’…
Month: December 2017
Henry Ford Health System Warns 18,470 Patients Of Data Breach
CBS reports: Roughly 18,500 patients at Henry Ford Health System have possibly had their personal information stolen in a data breach. Officials say the breach was discovered in early October after the email credentials of a group of employees were stolen, which gave the thief access to patients’ records. Read more on CBS.
Lowell General Hospital notifies patients after firing rogue employee who accessed files improperly
Ah, I feel like I’ve been transported back in time, when it was always so hard to find a notification of a breach on an entity’s web site. I went searching for information on a breach Lowell General Hospital in Massachusetts reported to HHS as affecting 769 patients. I was looking for media contact information,…
Former Sysadmin Caught Hacking His Ex-Employer by His Replacement
Catalin Cimpanu reports: On Wednesday, November 29, a Kansas City court sentenced a Missouri man to six years in federal prison without parole for hacking his former employer, stealing trade secrets, and for accessing child pornography. The man is Jacob Raines, 38, of Parkville, Missouri, who worked as IT manager for American Crane & Tractor…
Real Time Health Quotes leak affected health insurance applicants
So it appears I missed a third-party vendor/business associate leak that affected at least two covered entities and possibly more. Great thanks to Humana for sending along the vendor’s press release when I inquired about a breach report Humana had made to HHS as affecting 5,764 members or potential members. It turns out that the…
July Systems data leak: Massive trove of sensitive information exposed online via unsecured database
India Ashok reports: A massive trove of sensitive data was left freely exposed online by San Francisco-based July Systems. The company’s cloud-based location intelligence and engagement platform called “Proximity MX”, which contains proprietary information belonging to the firm and its clients, were exposed via unsecured Amazon S3 databases. […] According to security researchers at Kromtech,…