Between January 2007 and March 19, 2009, North Carolina received 231 notifications of breaches under their breach reporting requirements. NC’s statute includes breaches involving paper records as well as electronic records, but only breaches requiring notification of 1,000 individuals or more must be reported to NC’s Consumer Protection Division of the Attorney General’s Office. Hence,…
Author: Dissent
Some MFS Investment Management account information exposed in online error
On April 1, Massachusetts Financial Services Company notified (pdf) the New Hampshire Attorney General that they were informed by a customer on February 23 that an error in their online tax reporting system allowed Form 1099 tax forms of certain accounts to be viewed by an owner of one or more of these accounts. The…
Northeast Rehabilitation Hospital patient data stolen
On April 8, Northeast Rehabilitation Hospital in Salem, New Hampshire notified (pdf) the New Hampshire Attorney General that paper and electronic records with personal and medical information on 8 patients was stolen from an employee’s vehicle on March 20. The hospital provides services to patients in homes and schools, and the laptop and document were…
Former Fox Entertainment employee arrested; employee data retrieved from home
On April 9, Fox Group notified (pdf) the New Hampshire Attorney General that Fox Entertainment Group had learned that employee information including names, Social Security numbers and some compensation data had been acquired without authorization by an employee of Fox’s benefits department. The employee was terminated and subsequently arrested. When a search warrant was executed…
HK: School website tests show up security lapses
Khushwant Singh of AsiaOne reports that (as elsewhere), many educational institutions in Singapore are inadvertently exposing personal information of students and staff on the web.
(Follow-up) AU: Bottle Domains dumped by auDA over security breach
Card Systems is frequently cited as an example of how costly a breach can be to a business, but in Australia, Bottle Domains may become a similar example. Following a breach that resulted in the theft of personal information on approximately 60,000 people that was put up for sale on the internet, the company has…