Eric Van Susteren reports: A computer containing medical records and personal information for approximately 2,500 patients was stolen from a Stanford physician’s locked office sometime between July 15 and 16, according to Stanford University Medical Center. The computer, which may also have held some patient social security numbers, was outfitted with software that would detect…
Author: Dissent
More breaches you may not have known about
The newest additions to HHS’s breach tool reveals more breaches I hadn’t known about previously: Wolf & Yun in Kentucky reported that 824 patients were affected by a laptop theft on April 24th. A public notice on the breach posted in the Courier-Journal on July 20 explains: Public Notice Information on the limited theft of…
GM notifying more than 800 workers of personal information breach
Melissa Burden reports: General Motors Co. said Friday that 883 active and retired GM workers may have had their personal information exposed — including Social Security numbers — after a GM employee copied personal information just before retiring in May. “GM has completed an investigation of this incident and is contacting the affected individuals to…
Defining Reasonable Security
Tracy Kitten writes: Last month, an appellate court in Boston reversed a lower court’s ruling that favored a bank in a legal dispute over a 2009 account takeover incident (see PATCO ACH Fraud Ruling Reversed.) Was that appellate ruling fair? Based on the security practices that most banking institutions used in 2009, probably not. The case…
More transparency needed in Health Authority insider breaches
CBC News reports: Health authorities in Labrador and central Newfoundland acknowledge they have disciplined workers for previously-unreported privacy breaches. Last year, Central Health admitted to a serious breach of privacy involving 19 patients. The employee responsible was fired. Since then, the board has not publicly reported any other breaches — until being asked by CBC…
OR: Hacking cases down, still a threat: by the numbers
Some interesting stats in a news report by Queenie Wong in the Statesman Journal: Cybersecurity by the Numbers Since 2009, state agencies have been required to report the number of suspicious information security incidents to the state’s Enterprise Security Office, which is part of the Department of Administrative Services. All incidents are not necessarily considered…