Update of March 12: After this story appeared on March 9, DataBreaches.net received a call from Superintendent Bradshaw, who had been out of town when my email had arrived. This story has been updated – and corrected occasionally – to incorporate his answers. If students are at risk of significant emotional damage because highly sensitive…
Category: Breach Incidents
Blaming the vendor when a security breach occurs
Mitch Tulloch writes: The blame game is something all of us practice from time to time, when something goes badly wrong we don’t want to get caught holding the bag. And when we’re accused of being the culprit, our natural reaction is to raise our hands and say, “Not me!” So it’s not unusual when…
Oregon lawmakers give data breach victims more protection
KTVZ reports: Six months after the data breach of credit reporting agency Equifax exposed the private information of 145 million Americans, the Oregon House on Thursday overwhelmingly passed Senate Bill 1551, expanding consumer protections for Oregonians. The legislation would institute a number of key provisions including requirements that breaches be reported more quickly and consumers…
QuadMed health records system issue affected onsite clinics of three clients
One of the incidents reported to HHS this month was an incident reported by QuadMed in Wisconsin. Today, I finally found some documentation as to what that incident was all about. As background, QuadMed describes itself as providing occupational health and primary care services to some clients. In some cases, they may take over an…
Jemison Internal Medicine discloses ransomware event
From their notification of February 16, 2018 to 6,550 patients, a reminder of the value of good backups. But yet another incident where investigation of a new incident uncovers evidence of a previously undetected intrusion: Privacy Event at Jemison Internal Medicine, PC Jemison Internal Medicine, PC (“JIM”) of Jemison, Alabama has advised its patients of…
FastHealth notifies patients of 2017 incident involving their data
In May, 2017, this site started reporting that a number of healthcare facilities had been impacted by a breach at their vendor, Tuscaloosa-based FastHealth. FastHealth provides website and operational tools and services, including online bill payment. According to FastHealth’s news release at the time, an unauthorized third party had altered code on its web server,…