Continuing what appears to be an increasing trend in the UK media to use freedom of information requests to obtain breach reports, Echo found that there had been 34 incidents involving patient data being lost or mislaid by health service staff in Gloucestershire since December 2007. The paper notes that the same request was sent…
Author: Dissent
Complimentary Webinar: HIPAA Federal Breach Notification in Stimulus Legislation (ARRA)
Note: I have no affiliation with Debix. Tuesday March 24th, 9am PST, 11am CST, Noon EST Lisa Sotto, a Partner with Hunton & Williams LLP, will review the new federal data breach legislation that was signed into law on February 17th (the American Recovery and Reinvestment Act). Lisa will discuss the requirements of the…
Bits ‘n Pieces
In the justice system: A string of identity thefts spanning seven states has resulted in the arrest of two suspects in Wisconsin. More. As a follow-up to a story reported previously, Scottsdale police arrested nine people who allegedly ran an ID theft ring that involved stealing customer data from local businesses including the Henry Brown…
More on the Coleman campaign breach (updated)
The Associated Press is now reporting that financial data for at least 4,700 campaign donors was posted on the internet and contact information for 51,000 others was also disseminated. A statement from Coleman’s office indicates that there may have been a breach of the Coleman for Senate web site and that federal investigators, when contacted…
Sprint: Employee Stole Customer Data (updated)
Brian Krebs of Security Fix reports that Sprint sent letters to several thousand customers to inform them that a former employee sold or otherwise provided their account data without permission between December 2008 and January 2009. Updated Apr. 1: Sprint’s notification (pdf) to the NH Attorney General is now available online.
BT rebuts vulnerability claims
(This is a follow-up to a story reported here). Today, John Leyden of The Register reports that BT.com claims that the flaws HackersBlog reported only involved test systems and that no customer data were at risk. Whether BT’s statement was issued before or after HackersBlog published more about the alleged vulnerability and databases they were…