On June 27, 2013, a laptop containing personal information of customers of Buckeye Title Loans of California, LLC and Cash Central of California LLC was stolen from a locked vehicle in a smash-and-grab incident. Other items stolen in the incident included credit cards, a wallet and other personal property, which raises the question of whether all…
Category: Breach Incidents
NZ hat trick: EQC reports its third breach this year
Rebecca Quilliam reports: The Earthquake Commission has admitted to another breach of privacy after information on up to 260 claimants was sent to the wrong customers. Its chief executive Ian Simpson has launched an inquiry into how the information ended up on a letter that was sent to some clients. One side of the letter…
Revised OECD Privacy Guidelines Focus On Accountability, Notification of Breaches
Rick Mitchell reports: The Organisation for Economic Co-operation and Development has released updated privacy guidelines with an increased focus on implementation and enforcement and a new risk-management approach to accountability for companies and public organizations, practitioners told Bloomberg BNA Sept. 11. Posted on the OECD’s website Sept. 9, the updated guidelines replace the 33-year-old original…
FTC complaint against LabMD could serve as guidance to businesses on data security
The Federal Trade Commission has released a provisionally redacted public version of its complaint against LabMD (PHIprivacy.net’s coverage of LabMD linked here). The complaint provides what could be useful guidance as to what types of practices the FTC considers to be problematic practices under the Act: 10. At all relevant times, respondent engaged in a number of…
Errant e-mail creates security breach at MNsure
Jackie Crosby reports: A MNsure employee accidentally sent an e-mail file to an Apple Valley insurance broker’s office on Thursday that contained Social Security numbers, names, business addresses and other identifying information on more than 2,400 insurance agents. An official at MNsure, the state’s new online health insurance exchange, acknowledged it had mishandled private data. . Read…
Follow-up: Utah Department of Health hack did not result in ID theft
Marjorie Cortez reports that the massive Utah Department of Health hack in 2012 that compromised personal information of 780,000 Utahns has not been linked to any cases of identify theft: Patton said there were 37 incidents in which people raised questions whether the breach was tied to identity theft. That was later winnowed down to four…