These statements strike me as potentially mutually exclusive: “On December 14, 2014, a college laptop was stolen from a professor’s car that was briefly parked at a gas station.” “we take the security of your personal information very seriously” — from a breach notification by Westmont College. Did Westmont College have a policy in place that required…
Category: U.S.
Nite Ize notifies consumers after hack at services provider
I really don’t understand why businesses that have had customer data hacked at their hosting provider do not name the host or third party. Why shield them from bad publicity when their security failure led to the business taking a reputation hit? Here’s another example, this one from Nite Ize, who was notified of a breach…
Former Aetna employee arrested; found in possession of members’ identity information
Aetna Insurance has also reported a breach in recent months, but unlike the Anthem and Premera Blue Cross breaches, the Aetna breach does not appear to have been a massive one. In a letter dated January 8, the insurance company notified the Maryland Attorney General’s Office that six Maryland residents were among those being notified that their information had…
Direct Marketing Association data breach
Oh, look. The Direct Marketing Association had a data breach. In a notification template they submitted to the Maryland Attorney General’s Office on January 8, 2015, they write that the incident involved their online bookstore (and only that section of their website). Investigation determined that malware had been inserted on the server, which was maintained…
MD: Mailing error exposes 350 patients’ bills to other patients
Here’s one you won’t see on HHS’s public breach tool, because it’s less than 500 patients. Harford Surgical Associates in Bel Air, Maryland notified the Maryland Attorney General’s Office that due to a mailing error on October 16, 2014, patients received up to three other patients’ billing statements. The statements included the patients’ names, addresses, telephone…
Oregon agency hacked; governor calls for study, changes
AP reports: Oregon officials said Thursday that they plan to restructure information technology functions after software found an external third-party had gained access to a state network. Gov. Kate Brown said in a statement that someone gained access to so-called metadata last week at the Department of Administrative Services, which handles technology for much of…