Attorney General William Sorrell filed a complaint and proposed settlement Friday with Health Net, Inc., and Health Net of the Northeast, Inc., regarding the health insurance company’s loss of an unencrypted portable hard drive containing protected health information. The complaint alleges violations of HIPAA (the Health Insurance Portability and Accountability Act), Vermont’s Security Breach Notice Act, and…
Author: Dissent
(follow-up) Junior doctor's stolen laptop: files had been emailed
Following up on the Hull Royal Infirmary and Castle Hill Hospital incident: Dan Raywood quotes a hospital spokesperson who indicates that the doctor had emailed the data to himself. It seems that while the hospital had controls in place to prevent downloading data, its controls to prevent emailing data were not adequate to prevent this…
Sydney Festival in privacy glitch
Luke Hopewell reports: Organisers behind the annual Sydney Festival have inadvertently committed a privacy breach by sending an email to users that displayed the contents of its mailing list. The email contains the email addresses of around 130 people who registered for a festival mailing list, some from government departments, Sony Music, JP Morgan and…
NSW Privacy Commissioner investigates University of Sydney data breach
Ben Grubb reports: NSW acting privacy commissioner John McAteer today said that his office was “examining” a data breach through which the detailed records of thousands of University of Sydney students past and present were leaked. The records were being stored online where they could be downloaded easily and read via an internet connection. It…
(follow-up) Woman who victimized 50 people pleads guilty to 140 financial fraud charges
Minna Sugimoto reports: A Kailua woman accused of going on shopping sprees after stealing the identities of nearly 50 people pleaded guilty to 140 financial fraud charges Wednesday. With sunglasses hanging from her prison jumpsuit, a former beauty queen took center stage to admit that she led a lavish lifestyle at the expense of nearly…
E-mails containing malware sent to businesses concerning their online job postings
From the Internet Crime Complaint Center (IC3): Recent FBI analysis reveals that cyber criminals engaging in ACH/wire transfer fraud have targeted businesses by responding via e-mail to employment opportunities posted online. Recently, more than $150,000 was stolen from a US business via unauthorized wire transfer as a result of an e-mail the business received that contained malware. The…