A seller on a forum claims to have data on 9.1 million consumers whose personal information is in the hands of a cash recovery and collections firm. Nothing has been confirmed, but they claim an employee of the firm knowingly gave them access. On May 4, 2023, the R&B Corporation of Virginia, a Newport News-based…
Category: Breach Incidents
Sentara Health terminates remote employees after realizing they couldn’t be sure who was doing the work.
Hiring employees who work remotely can pose additional challenges for security and compliance with regulations. In March, Sentara Health disclosed an incident concern that resulted in the notification of 1,620 patients. They described the concern this way: In December, the Sentara Health’s Lab Services department hired an individual to process lab requisitions. Lab requisitions are…
Plastic surgeons often store nude photos of patients with their identity information. When would we call that “negligent?”
Claims of “negligence” are often raised in lawsuits. DataBreaches is not a lawyer, of course, but wonders whether by now, we should consider a plastic surgeon “negligent” in their data security if they store nude photos of their patients with patient names and identity information in plain text and no strong encryption or suitable alternative…
A guilty plea in the PowerSchool case still leaves unanswered questions
On June 6, 19-year-old Matthew D. Lane pleaded guilty in federal court in Massachusetts to one count each of conspiracy to commit cyber extortion, cyber extortion, unauthorized access to protected computers, and aggravated identity theft. The first two charges were related to an unnamed telecom company identified as “Victim 1.” The third and fourth charges…
RCMP thumb drive with informant, witness data obtained by criminals: watchdog
Jim Bronskill reports: The RCMP lost a USB key containing personal information about victims, witnesses and informants, and later learned it was being offered for sale by criminals, the federal privacy watchdog says. A detailed report from the Office of the Privacy Commissioner of Canada reveals the RCMP told the watchdog about the breach in March…
Resource: Insider Threat reports
On a daily or weekly basis, DataBreaches highlights insider wrongdoing incidents and the harm they can cause. For more comprehensive compilation and analysis of the topic, readers may be interested in the Insider Threat Incidents For May 2025 report produced by the National Insider Threat Special Interest Group and Insider Threat Defense Group. Their previous…