Steve Bellovin explains: Another day, another data breach, and another round of calls for companies to encrypt their databases. Cryptography is a powerful tool, but in cases like this, it’s not going to help. If your OS is secure, you don’t need the crypto; if it’s not, the crypto won’t protect your data. In a case…
Category: Health Data
Anthem Attack Investigators See Signs of Chinese Hackers
And so it begins.
Health insurance giant Anthem Blue Cross and Blue Shield discloses breach that could affect tens of millions of customers and employees (Update2)
Following the disclosure by Community Health Systems in an SEC filing that they suspected Chinese hackers were responsible for the theft of 4.5 million patients’ information, the FBI sent out a “Flash” warning to alert the the healthcare sector that it was being targeted by hackers. It was the second warning they had issued in a period of a few months. In…
TN: Boston Baskin Cancer Foundation patients and employees notified of stolen hard drive
Molly Smith reports: Patients at the Boston Baskin Cancer Foundation learned some of their personal information was stolen, and tell WREG one year of identity protection doesn’t seem like enough. […] Patients got a letter in the mail, saying a robber broke into a clinic employee’s home back in December and stole a hard drive with patient…
Fire at a Brooklyn Warehouse Puts Private Lives on Display
Vivian Yee reports: No lives were lost in the huge fire that gutted a storage building on the Williamsburg waterfront over the weekend. But the flames put plenty of lives on display as the crumpling warehouse belched up its contents: decades’ worth of charred medical records, court transcripts, lawyers’ letters, sonograms, bank checks and more….
Quest Diagnostics notifies employees of breach after email attachment error (UPDATE)
Quest Diagnostics is notifying some employees that some of their personal information was inadvertently attached to an email sent outside the company. The email gaffe occurred on November 17, when a report containing employee information was attached to an email sent to two individuals with whom the firm has a business relationship. The error was reported…