Posted to Wake County’s website yesterday (h/t, WDTV/Yahoo) Wake County’s former flexible benefit spending accounts administrator, Interactive Medical Systems, recently reported that it experienced a data security breach that disclosed the personal information of nearly 1,900 Wake County Government employees to an unauthorized third party. “We sincerely regret any inconvenience or concern that this matter…
Month: February 2020
Threat Vector Number 1
Britton White is a cybersecurity & HIPAA Compliance advisor. The following article is reproduced with his kind permission. Email is the bane of our existence and the number one threat vector….. there’s no other way to say it. I’ve rummaged through over 30 hospitals and hundreds of clinics (some multiple times) in my time conducting…
Potential class action lawsuits filed against two more ransomware victims
On Thursday, I reported on a potential class action lawsuit that had been filed against two hospitals in Puerto Rico that suffered a ransomware attack. As I noted in my post, none of the named plaintiffs claimed that they had suffered any concrete injury or harm other than the cost and time involved in monitoring…
PSL Services in Maine notifies HHS, clients after discovering employee email accounts compromised
A press release from PSL Services in Maine (they are a HIPAA-covered entity): Peregrine Corporation d/b/a PSL Services (“PSL Services”) today announced that a recent event may have impacted the security of personal information relating to certain residents of Maine. While PSL Services is still in the process of identifying impacted individuals in order to…
Plastic Surgery Patient Photos, Info Exposed by Leaky Database
I’ve reported on a number of hacks and leaks involving plastic surgery centers where nude photos of identifiable patients wind up exposed or in bad actors’ hands. Sergiu Gatlan reports on yet another leak. This one exposed hundreds of thousands of documents in a misconfigured Amazon AWS S3 bucket owned by NextMotion, a French plastic…
WV: Charleston Lube Partners, LLC Provides Notice of a Payment Card Security Event
Via PR Newswire: Charleston Lube Partners, LLC, the independent owner and operator of Quaker Steak & Lube®, Charleston, West Virginia (“restaurant”), provides notice of an event that may affect the security of payment card information used by certain customers at this restaurant between February 14, 2019 and August 19, 2019. What Happened? Charleston Lube Partners, LLC utilizes a point of…