The following press release from North Carolina Attorney General Roy Cooper is a follow-up to a breach previously covered on PHIprivacy.net: Dr. Ervin Batchelor of the Carolina Center for Development and Rehabilitation in Charlotte has paid $40,000 for illegally dumping files containing patients’ financial and medical information, Attorney General Roy Cooper announced Wednesday. “Any business you entrust with your information has a…
Category: Breach Incidents
Jp: Graduate University for Advanced Studies (SOKENDAI) apologizes for data leak
SOKENDAI issued the following public apology on September 1: We regret to inform that we have found the personal information appeared in the department chairs meeting materials was temporally accessible on the Internet. The reason this occurred was that the meeting materials were uploaded to the wrong place in High Energy Accelerator Research Organization (KEK)…
Santa Clara dental worker steals patient info, lands in prison
Mike Rosenberg reports: A former employee at a San Jose dental office will spend four years in prison for stealing personal information from patient records to create credit card accounts he used to buy Gucci watches and flat-screen TVs, authorities announced Tuesday. Nick Luu and five other members of an identity theft ring defrauded at least…
OH: Candidate for world’s dumbest criminal pleads guilty to attempting to extort Xavier University
It’s not that often that we find out about extortion attempts related to data breaches, so when we do, I try to follow up on them. Here’s a follow-up to an extortion attempt involving Xavier University that I previously covered on this blog. Kimball Perry reports on a very poorly executed crime: Recently released from…
Kr: Samsung Card asks police to investigate employee for data leak
Samsung Card Co., one of South Korea’s largest credit card firms, has asked the police to investigate an employee on charges of leaking the personal data of its customers, an industry source said Monday. According to the source, Samsung Card discovered through an internal investigation that customers’ data including their names and mobile phone numbers…
(Update and Commentary): Why are states withholding the names of breached entities?
Yet another recent press release – this one from the U.S. Attorney’s Office in Connecticut – shields the name of the breached entity: David B. Fein, United States Attorney for the District of Connecticut, announced that NATASHA SMITH, 25, of Georgia, formerly of Far Rockaway, New York, waived her right to indictment and pleaded guilty yesterday,…