Waqas writes: A hacker using the alias NullHumanity claims that they have managed to identify a flaw in the customer login system of Freedom Mobile, a Canadian wireless telecommunications provider and claims to obtain private details of customers including their phone number, address, call history and other information effortlessly. The findings were reported by MobileSyrup. The…
Month: February 2018
Hygienist Steals Patients, Leaves Dentist with Huge Legal Bills
So we’ve all read breach reports about employees or former employees stealing patient data to go start a new competitive practice or to help their new employer. And a blog post on Dental Practice Marketing and Management by Jim Du Molin about a dental hygienist stealing patient data for her new place of work read…
Data breach at MassTaxConnect exposed businesses’ info
Joshua Miller reports: A data mix-up on a state tax portal inadvertently made private data from about 16,500 business taxpayers viewable to other companies, potentially even competitors. The breach lasted from Aug. 7, 2017, through Jan. 23, 2018, and allowed some companies to view other business’s names, federal employer identification numbers, tax payments, and other…
Consequences for HIPAA violations don’t stop when a business closes
There’s a new settlement announcement from HHS OCR that makes clear that even if an entity closes its doors, any HIPAA enforcement action continues: A receiver appointed to liquidate the assets of Filefax, Inc. has agreed to pay $100,000 out of the receivership estate to the U.S. Department of Health and Human Services (HHS) Office…
In Congressional Testimony, EPIC to Call For Comprehensive Privacy Law, New Privacy Agency
From EPIC.org: EPIC President Marc Rotenberg will testify before the House Financial Services Committee this week. Rotenberg will say that “Data breaches pose enormous challenges to the security of American families, as well as our country’s national security.” EPIC will call for comprehensive data protection legislation and the creation of a federal data protection agency….
UK: ICO releases Q3 data security incident trends
The Information Commissioner’s Office has released Q3 statistics on data protection incidents reported to their office. Not surprisingly, reports were up. Some of their key statistics: Central government sector reports rose by 178% from Q2 (from 9 to 25). Incidents involving a failure to redact data increased from 1 to 11. Education sector incidents rose by…