When a former Disney World employee was accused of changing the menus at Disney World restaurants, it made headlines. And in January, when he admitted to changing the menus — including information about allergy information that could have created serious health risks for diners — that also made headlines. Now Michael Scheuer, who faced 10…
Author: Dissent
No need to hack when it’s leaking (CORRECTED)
Please note the correction at the bottom of this post. Researcher Jeremiah Fowler recently discovered an unsecured database with protected health information (PHI) that appeared to be linked to Atrium Health in North Carolina. As reported at WebsitePlanet, there were 21,344 records with a total size of 6.99 GB. The database appeared to be an…
DOGE Sued Over Record Keeping, Failing to Reply to FOIA Requests
If breaches or insider wrongdoing by DOGE employees are suspected, DOGE’s alleged failure to maintain and make transparent required records makes investigation nearly impossible or actually impossible. Mallory Culhane reports: The Department of Government Efficiency and top Trump administration officials are being sued over the agency’s alleged violations of federal record-keeping and transparency laws. DOGE…
HHS Office for Civil Rights Settles Phishing Attack Breach with Health Care Network for $600,000
Today, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) announced a settlement with PIH Health, Inc. (PIH), a California health care network, over potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA). The violations stem from a phishing attack that exposed unsecured electronic protected health…
High court upholds damages in ICBC privacy breach that resulted in shootings, arson
Long-time readers may recall a truly frightening insider breach at the Insurance Corporation of British Columbia (ICBC) that resulted in cases of arson and people being shot at. The breach was first disclosed in 2011. An employee had reportedly accessed personal information on 65 people. We would later learn that Candy Elaine Rheaume had accessed…
County auditor ordered to pay $80k after cyberattack
Employees screw up frequently. They fall for phishing attacks, or click on links they shouldn’t click on. And in some cases, funds get wired to fraudulent accounts. But how often have you read about an employee having to replace stolen funds? WKBN in Ohio reports: A Trumbull County judge has ordered County Auditor Martha Yoder…