Joseph Goedert reports: The Lexington (Ky.) VA Medical Center has notified about 1,900 veterans of a breach of their protected health information. An employee without authorization took home on a laptop patient information, including names, dates of birth, medical diagnoses and the last four digits of Social Security numbers, according to a statement from the…
Author: Dissent
Maine voter registration system breached
Kevin Miller reports: The Maine Secretary of State’s Office said Wednesday it is investigating a potential security breach in the computer system that contains records on Maine’s registered voters. The state was notified Wednesday afternoon by the cybersecurity monitoring arm of the U.S. Department of Homeland Security that Maine’s Central Voter Registration system had been…
Hacker exposes 20,000 usernames, passwords, and email addresses from Allianceforbiz.com (updated)
Fahmida Y. Rashid reports: A solo attacker has hacked into an events management company and obtained sensitive information belonging to 20,000 individuals, many of whom were United States government employees or contractors. The cyber-attacker posted an Excel spreadsheet containing log-in credentials and personal information for 20,000 people obtained from allianceforbiz.com, according to a blog post…
Society of Manufacturing Engineers reports theft of credit card numbers and personal data
The Society of Manufacturing Engineers (SME) appears to have suffered a serious security breach. By letter dated August 16, the Dearborn-Michigan based organization notified the New Hampshire Attorney General’s Office that on August 10, there was unauthorized access to their server, resulting in data theft. Individuals’ names, addresses, dates of birth, credit card numbers with…
Illinois Amends Breach Notice Law to Specify Notice Content, Cooperation
Brendon Tavelli writes: On August 22, Illinois Governor Pat Quinn signed House Bill 3025 into law. In doing so, he aligned Illinois with a small group of states responding to increased concern about privacy and information security by retooling their existing information security breach notification frameworks. HB3025, in particular, amends the state’s breach notification law to specify…
Providence police, hospitals at odds in medical privacy debate
Amanda Milkovits has a great report on the thorny intersection between law enforcement, state medical privacy laws, and HIPAA: A judge in a murder trial in June wanted to see the medical records of a woman whose husband was charged with killing her. Rhode Island Hospital’s records department rejected the court order –– and answered…