Jon Campbell reports: A state employee was placed on leave after emailing thousands of private Medicaid records to his personal email account, state Medicaid Inspector General James Cox announced today. The security breach happened on Oct. 12 of last year, when the employee — who worked for Cox’s office — sent 17,743 records to the…
Category: U.S.
Digging in their heels: Wyndham and LabMD challenge FTC’s authority in data security cases
Cross-posted from PHIprivacy.net: Adam Greenberg reports on two cases where businesses have challenged the FTC’s authority in data security cases. Although Wyndham’s challenge has been discussed in detail on DataBreaches.net (see these posts), I haven’t really described the LabMD case until now. In the LabMD case, the Atlanta Business Chronicle reported last year: The federal agency…
TX: Personal info of 16,000 Harris County employees’ discovered in electronic files in Vietnam
Brian Collister reports that the personal information of approximately 16,000 former and current Harris County employees was found in two electronic files in Vietnam. The information included names, Social Security numbers, and dates of birth. One of the files was from 2005 and another was from 2007, both before the county changed its system to…
FL: Student information found in private school’s dumpster
WINK reports: Students’ grades, addresses and phone numbers… found sitting in a dumpster for anyone to see. That’s what one man found next to Bishop Verot High School. He worried it could get into the wrong hands. On the side of the school, there are dumpsters. They’re on school property, but anyone can access them….
California Dept. of Consumer Affairs has a breach, but doesn’t notify those affected for 6 months?
Ouch. The California Department of Consumer Affairs – Bureau of Automotive Repair (“BAR”) learned that a service provider had a network intrusion breach that gave someone access to bank account numbers and bank routing numbers belonging to the Smog Check stations licensed by the BAR. The breach reportedly occurred between May 2012 and March 2013,…
Former Iberdrola employee charged in April breach
So it looks like the Iberdrola breach, reported in April, was a disgruntled employee situation after all. Steve Orr reports: In mid-April, an RG&E corporate parent announced that a computer intruder had compromised the privacy of job applicants’ personal data. Coming a year after another computer-privacy foul up involving Rochester Gas and Electric Corp., the…