From the Office of the Inspector General of the U.S. Dept. of Health & Human Services: We summarized the high-risk security vulnerabilities that we identified as audit findings in our previous reviews of information system general controls at three California Medi Cal managed-care organizations (MCOs). We identified 74 high-risk security vulnerabilities in the information system…
Category: U.S.
1,500 patients impacted by laptop theft
Another physician has reported that a stolen laptop contained patient information. Carolyn B Lyde, MD, of Dermatology Center of Lewisville, Texas, notified HHS on November 30th that 1,500 patients were affected. There is no statement on their web site at this time and a Google search isn’t turning up any notices.
OH: First Transit notifies employees after malware discovered on server
Malware inserted on a server on October 23, 2011 wasn’t discovered until October 21, 2015, reports First Transit‘s external counsel. For almost four years, employees’ information, including name, address, date of birth, phone number, driver’s license number, and Social Security number may have been compromised. In response to the discovery, First Transit took the server offline…
OH: More details emerge about patient records found at recycling center
Katie Wedell provides more details about patient records found at a recycling center in Springfield, Ohio It seems the person who found the records and reported that there were “hundreds” of records underestimated how many there were. Community Mercy Health Partners could face penalties from the federal government for improperly disposing of private medical records after thousands of old laboratory…
OPM hit for mishandling data breach cleanup
Tal Koppan reports: The federal agency that had more than 21 million Americans’ personal information stolen in a massive hack is once again in congressional cross-hairs — this time for improperly doling out taxpayer dollars to protect those Americans after the data breach. The Office of Personnel Management’s inspector general released a report this month,…
Former U.S. State Department Employee Pleads Guilty to Extensive Computer Hacking, Cyberstalking and “Sextortion” Scheme
A former U.S. State Department employee pleaded guilty today to perpetrating a widespread, international e-mail phishing, computer hacking and cyberstalking scheme against hundreds of victims in the United States and abroad. Assistant Attorney General Leslie R. Caldwell of the Justice Department’s Criminal Division, U.S. Attorney John A. Horn of the Northern District of Georgia, Director…