When they discovered more than 42,000 patient records and millions of patient clinical notes exposed on a misconfigured rsync backup, researchers at UpGuard responsibly set out to notify the entity to secure their data. It turned out to be a Herculean task that would take almost two months and multiple entities to get the job…
Category: Health Data
UK: Kent and Medway NHS and Social Care Partnership apologizes for data breach
Natalie Tipping reports: A Kent NHS Trust has apologised to patients after their records were accessed inappropriately, leading to a police probe into the incident. Letters have been sent out to patients of the Kent and Medway NHS and Social Care Partnership Trust (KMPT) detailing that a member of staff has been dismissed from their…
SAMBA Federal Employee Benefit Association programming error resulted in mismailed information
From their press release: SAMBA Federal Employee Benefit Association (“SAMBA”) recently learned of an incident that may affect information related to eligible family members of subscribers (“family members”) covered by the SAMBA Federal Employees Health Benefits Plan in 2017. “We take this incident, and member privacy, very seriously,” Walter E. Wilson, SAMBA’s Executive Director stated….
Southeast Clinical Pathology Laboratories Notifies Patients of Stolen Laptop
From the notice on their web site: March 21, 2018 – Clinical Pathology Laboratories Southeast, Inc. (“CPLSE”) has become aware of a data security incident that may have involved the personal and protected health information of its patients and their payment guarantors. On September 20, 2017, a laptop issued to a CPLSE employee was stolen….
Prosecution drops five felony charges against Justin Shafer, accepts plea to one misdemeanor charge
In May 2016, the Dallas FBI raided dental integrator and independent researcher Justin Shafer because of allegations that he had accessed an FTP server without authorization. Shafer was subsequently raided twice more, and in March 2017, he was arrested and charged with stalking a federal employee – not hacking or any criminal conduct related to…
AU: Medical records exposed by flaw in Telstra Health’s Argus software
Ben Grubb reports: A flaw in medical software used by more than 40,000 Australian health specialists and distributed by Telstra has potentially exposed Australians’ medical information to hackers, who have been logging into practitioners’ computers and servers to carry out illegal activities. Read more on Sydney Morning Herald.