From EPIC.org: EPIC President Marc Rotenberg will testify before the House Financial Services Committee this week. Rotenberg will say that “Data breaches pose enormous challenges to the security of American families, as well as our country’s national security.” EPIC will call for comprehensive data protection legislation and the creation of a federal data protection agency….
Category: Breach Incidents
UK: ICO releases Q3 data security incident trends
The Information Commissioner’s Office has released Q3 statistics on data protection incidents reported to their office. Not surprisingly, reports were up. Some of their key statistics: Central government sector reports rose by 178% from Q2 (from 9 to 25). Incidents involving a failure to redact data increased from 1 to 11. Education sector incidents rose by…
RoxSan Pharmacy Notifies Patients of Breach That Occurred in 2015
There are a number of unanswered questions about an incident disclosed by RoxSan Pharmacy today. See what you think, starting with their press release of today: As part of its commitment to patient privacy, RoxSan Pharmacy (“RoxSan”) notified 1,049 patients of a potential breach of unsecured personal patient protected health information. RoxSan is notifying affected…
Entergy notifies employees of W-2 breach involving TALX portal
So this is not a W-2 phishing situation, but TALX – a wholly-owned subsidiary of Equifax – is working with Entergy to notify former and current Entergy employees whose 2016 W-2 data may have been acquired by criminals from the TALX portal. In a letter to the New Hampshire Attorney General’s Office, counsel for TALX…
Lawsuit against Rensselaer County partially revived on medical privacy issue
There’s an update to an insider-wrongdoing lawsuit that I first noted back in September, 2013, after some employees at Rensselaer County Jail filed suit against their employer for snooping in their medical records. As I’ve reported in the past, the breaches occurred against a backdrop where the county jail uses Samaritan Hospital to provide services…
Tennessee hospital notifies 24,000 patients after EMR system attacked with cryptocurrency mining software
In what may be the first report I’ve seen of a hospital having their EMR server hit with cryptocurrency mining software, Decatur County General Hospital in Parsons, Tennessee started notifying 24,000 patients on January 26. A substitute notice on their web site explains: On November 27, 2017, we received a security incident report from our EMR…