Encarnacion Pyle reports: Ohio State University Medical Center has notified 30 patients and 150 students that a hacker might have accessed their names, medical information and/or Social Security numbers. Officials said there is no indication that any personal information was taken or that the incident has resulted in identity theft, but they are providing 12…
Author: Dissent
Sg: Doctor fined, censured for spying at patients' records
I thought some readers might be interested in how privacy violations are handled in Singapore. From Channel News Asia: A doctor has been fined S$10,000 and censured for accessing the medical records of two patients who were not under his charge. 32-year old Dr Tre’gon Singh Randhawa has also given the Singapore Medical Council a…
Contractor hit with second class action suit over TRICARE data theft
Bob Brewin reports: TRICARE contractor Science Applications International Corp. was hit with a second class action lawsuit filed in a California state court seeking unspecified monetary damages related to the theft of computer tapes containing the records of 4.9 million health care beneficiaries. The latest suit seeks certification as a class action for all TRICARE beneficiaries in…
Cn: SQL Injection Attack Exposes Sina Passwords
Reuters reports: China’s SINA Corp has fixed a vulnerability in one of its websites that allowed unauthorised access to microblogging usernames and passwords, a Chinese web security blog reported. Sina’s question-and-answer website, iask.sina.com.cn, was revealed to have a security loophole that made it easy to uncover Weibo account passwords and usernames, Youxia security blog reported…
VN: 3 men identified as illegal sellers of private info
I just came across a more detailed news report on the VietNam breach I mentioned yesterday. Tuoi Tre reports: In October 2010, [Duong Hong] Le set up the company’s official website at danhsachkhachhang.com, but the site has focused only on offering to sell lists of information on individuals, companies and organizations. The website… contains the…
VA: Spotsylvania school employees’ personal information was available online
There’s been an exposure breach involving Spotsylvania school employees’ personal information. Yesterday, Fredericksburg.com reported: The division began mailing letters to employees about the security breach this afternoon and expects to have all of them mailed by tomorrow morning, schools spokeswoman Rene Daniels said in response to my inquiry. An employee discovered the problem on Dec….