Sometimes it’s easy to forget that although a breach may be in the headlines for the proverbial 15 minutes, the impact of some breaches and resulting litigation may go on for years. Back in 2011 and and 2013, DataBreaches.net reported on breaches involving the Maricopa County Community College District (MCCCD). The earlier breach appeared to…
Category: Breach Incidents
MAXIMUS notifies 3,029 patients after Business Ink mailing error exposes PHI
The following was the notification MAXIMUS sent out on April 17 and that they kindly provided to this site today. There was also a Spanish-language version: MAXIMUS today notified approximately 1,100 Texas families participating in Medicaid and the Children’s Health Insurance Program (CHIP) of a printing error that resulted in some program participants receiving a…
State Consumer Protection Office Investigating Zippy’s Security Breach
Let’s start with Zippy’s notice, posted April 27 on their site: Notice to Customers of Payment Card Security Incident On March 9, 2018, Zippy’s Restaurants learned of a security incident involving its credit and debit card processing system. Zippy’s immediately began an investigation, and engaged independent computer forensic experts to assist. On April 4, 2018,…
Access Group notifies borrowers of data security incident
It’s not just edtech vendors students need to watch out for when it comes to privacy and data security. Vendors that help process student loans may also put you at risk, as this notification from AccessLex Institute (dba Access Group) reminds us. The nonprofit organization, which provides financial education resources and services, writes: Dear [Name]:…
Careem knew – or should have known – that they had a serious problem last year: researcher
Mark Sutton has some follow-up commentary on the Careem breach reported on this site yesterday: Gregg Petersen of Veeam Software said that not alerting customers to the breach for so long “isn’t acceptable”, and that organisations need to work faster to maintain the trust of their customers. Jordanian cybersecurity expert Raed Nesheiwat also said that…
What led to Nova Scotia’s privacy breach
CBC News has an update to a government leak incident noted previously on this site. This is a case where the government’s response to their security failure was to criminalize the behavior of the teen who downloaded what were freely available reports. When the public went up in arms over the government’s attempt to cast him…