“Because none of them seem to give a shit…” – a hacker commenting on the lack of response to notifying the U. of Oklahoma that he had hacked them. This blogger has repeatedly lamented the generally inadequate data security in the education sector and the fact that no federal agency actually enforces data security at the post-secondary…
Category: Breach Incidents
Adventures in breach alerts, Saturday edition
If you’re going to misdirect a fax containing personal information, you probably don’t want to misdirect it to a security firm with a blog. SLC Security reports that they received faxes from William Farrell, CPA of Cary, NC containing what appeared to be payroll information. When they tried to contact the firm using the contact email prominently posted on the firm’s…
Vidant Health leaking PHI since at least September – security firm (updated)
SLC Security posted this yesterday: Second Note: Vidant Health – Greenville, NC Just a quick update that we are still seeing issues with Vidant Health which we previous reported. On October 1, 2014, SLC Security had posted: DISCLOSURE: Vidant Medical Center (www.vidanthealth.com) Leaking PHI to include locations, patient names, diagnosis, age, birthdates and identifying features such…
San Francisco General Hospital notifies 2,500 patients that doctor removed copies of their records from the hospital
I had noted this breach on PHIprivacy.net, but since there’s an update today, I’ll repeat the original information here. On March 6, Erin Allday reported that a former UCSF doctor who was employed at San Francisco General Hospital from 2005 to 2013 had wrongfully removed copies of patient records from the medical center. Allday reported:…
Identity Theft, Tax Fraud Snares Prisoners
I’ve covered some of these cases previously on this site and phiprivacy.net, but it’s worth noting as a vulnerable population. Joe Palazzolo reports: A raft of federal prosecutions has uncovered tax-fraud schemes involving the theft of U.S. prisoners’ social-security numbers, many times stolen by corrections employees. Last year alone, federal courts meted out prison sentences…
IL: Trial in doubt for medical ID theft case
Way back when, I had written myself a note about a case in which five Indiana residents had been indicted on charges that related to an ID fraud conspiracy involving theft of patient information. According to the press release in December 2013 from the U.S. Attorney’s Office for the Northern District of Indiana, the five individuals were indicted November…