Earlier today, I noted that ALDI had notified the Maryland Attorney General’s Office that 8,000 Maryland residents might be affected by the recent security breach they experienced. Also today, 13WHAM in New York reported that ESL Federal Credit Union has blocked activity on the credit/debit cards of approximately 3,700 customers because of the breach breach. ESL…
Author: Dissent
Pointer: Lots of health data breaches reported to HHS, only trivial ones to FTC
Steve Gantz comments on the apparent discrepancy in breach reports received by the FTC from PHR vendors and by HHS: It seems fair to ask, can any substantial conclusions be drawn from the paucity of breaches reported to the FTC or their relative triviality? No one appears to be suggesting that the data protection practices…
College of Physicians and Surgeons of Manitoba web site compromised
The College of Physicians and Surgeons sent a warning letter to its members Monday about an on-line attack that resulted in unauthorized access to the password-protected section of its website. “We sincerely apologize for this potential breach of your privacy and any harm it may cause you,” the letter sent by registrar Dr. Bill Pope…
Prescription for fraud: stealing professionals' identities
When we talk about ID theft in the healthcare sector, we usually think of patients’ identities being stolen. Occasionally, though, I’ve seen reports where providers’ identities were stolen to further some other scheme such as obtaining prescription medications or insurance fraud. The National Post in Canada has this story about how common this latter type…
Encryption didn’t prevent this breach
A report to the Maryland Attorney General’s Office from ING gave me pause because I don’t remember ever seeing a security issue like this before in a breach report. In their notification, ING writes (emphasis added by me): ReliaStar Life Insurance Company (RLIC) is responsible for premium administration for RLIC insurance products purchased by employees of…
Stolen Trade Center Management Associates employee data triggered homeland security concerns
In June, Trade Center Management Associates in Washington, D.C. became aware that employee data had been stolen from a TCMA facility. Employee information on the stolen equipment included names, SSN, and in some cases, fingerprints. Among those with data on the device were 284 Maryland residents. The TCMA describes itself as a private sector…