Dan Goodin reports: Websites operated by the US Treasury Department are redirecting visitors to websites that attempt to install malware on their PCs, a security researcher warned on Monday. The infection buries an invisible iframe in bep.treas.gov, moneyfactory.gov, and bep.gov that invokes malicious scripts from grepad.com, Roger Thompson, chief research officer of AVG Technologies, told…
Category: Breach Incidents
Insurer rejects claims related to stolen U. medical records
Brian Maffly reports: A Colorado insurance company contends it is not obligated to cover astronomical costs incurred by the University of Utah in 2008 after car burglars stole medical billings records filed with sensitive personal information on 1.7 million patients. U. officials want Perpetual Storage to reimburse the university more than $3.3 million. That’s how…
[CORRECTION] Stolen computer from St. Joseph Heritage Healthcare affects 22,012
One that I missed from OCR’s web site during my last update from that site: St. Joseph Heritage Healthcare State: California Approx. # of Individuals Affected: 22,012 Date of Breach: 3/06/10 Type of Breach: Theft Location of Breached Information: Desktop Computer Thanks to ITRC for pointing out my omission. As of the date of this…
MN: Bemidji med center’s online bill-pay service apparently hacked
Bethany Wesley reports: North Country Health Services’ online bill-paying function was apparently hacked into on April 18, compromising the security of 349 customers’ credit card and debit card accounts. NCHS is sending letters to all those who could be affected by the breach, said Joy Johnson, NCHS vice president for marketing and business development. The…
The College of New Jersey outreach campaign leaks alumni info
When Bari Dzomba, an alumnus of The College of New Jersey (TCNJ), received a postcard this week about a new outreach campaign to alumni, she went and checked out the new site. To her dismay, she discovered that the new site was leaking alumni personal information. She contacted the college, but when, after two days,…
(update) Hacker remains at large year after cyberattack on Va. data
A year after a computer hacker breached Virginia’s statewide prescription drug database, investigators still don’t know who did it. Computer functions at the state Department of Health Professions, which runs the program, were disabled for weeks as a result of the April 30, 2009, cyberattack. The hacker claimed to have stolen more than 35 million…