As Robert Lord of Protenus explains in the May issue of Compliance Today, pediatric patient data continues to remain not only vulnerable to criminals, but also quite valuable to them, in part because the medical records of these young patients provide criminals a blank slate upon which they can build a false identity. This—combined with the fact…
Category: Breach Incidents
RI: ‘Ransomware’ attack locks down law firm’s files for three months
Katie Mulvaney reports: An unknown person or group held a Providence law firm captive for months by encrypting its files and then demanding $25,000 in ransom paid in anonymous cyber currency to restore access, according to a lawsuit filed in U.S. District Court. Moses Afonso Ryan Ltd. is suing its insurer, Sentinel Insurance Co., for…
Pentucket Medical notifies employees and patients of data security incident
Speaking of confusing incident reports, Pentucket Medical in Massachusetts reported a somewhat confusing incident to the New Hampshire Attorney General’s Office. It seems that on January 18, four boxes of mainly physician/clinician records were removed from CubeSmart Storage Facility by another client of the facility. Why that client might knowingly remove those cartons, and how…
Harrisburg Gastroenterology notifies patients of data security incident
Harrisburg Gastroenterology, Ltd. issued a press release yesterday that leaves a lot of questions unanswered: Harrisburg Gastroenterology, Ltd. announced today that it is notifying individuals related to a privacy incident involving certain patient information. On March 17, 2017, following an investigation of potentially suspicious system activity, Harrisburg Gastroenterology determined that an unauthorized individual could have…
Sadly, laptops stolen from cars are still a thing
From a notification filed on behalf of Donaldson Company, Inc.: On March 24, 2017, a Donaldson employee’s company-issued, user ID and password-protected laptop was stolen from the employee’s vehicle while it was located off Donaldson’s premises. On March 29, 2017, Donaldson discovered that the laptop contained, in electronic form, certain Donaldson employees’ personal information, specifically…
Sg: National University of Singapore educates students on protecting their information
Channel NewsAsia reports: The National University of Singapore (NUS) has to put in place an e-training module for all its students on personal data protection, after it emerged that the personal particulars of 143 student volunteers were breached in 2016. In a press statement on Friday (Apr 28), an NUS spokesperson said a URL link…