Their press release: Landry’s, Inc. (“Landry’s”) takes the security of payment card data very seriously. Years ago (beginning in 2016), Landry’s installed a payment processing solution that uses end-to-end encryption technology at all Landry’s owned locations. Landry’s is notifying customers of an incident that it recently identified and addressed involving payment cards that, in rare…
Category: U.S.
CO: Aurora Water announces data breach involving Click2Gov payment system
Author: Janet Oravetz reports: Personal information of some Aurora Water customers, such as names, card numbers and expiration dates, may have been compromised through a data breach, according to the city’s water department. The department made an announcement about the security incident on Monday and said customers who used the Click2Gov payment system to make one-time…
West Georgia Ambulance Company Pays $65,000 to Settle Allegations of Longstanding HIPAA Noncompliance
Are you surprised to see a settlement with HHS arising from an investigation that began when an entity reported a stolen laptop in 2013? Keep reading this notice from HHS to find an explanation: West Georgia Ambulance, Inc. (West Georgia), has agreed to pay $65,000 to the Office for Civil Rights (OCR) at the U.S….
As 2019 draws to a close, some entities are taking harder look at storing PHI in employee email accounts
Okay, so two exemplars doesn’t prove any kind of trend, but I’m glad to see some entities now taking steps to reduce how much PHI is stored in employee email accounts. Here are two recent incidents, both reported to HHS in December: Healthcare Administrative Partners (HAP) is a Pennsylvania-based business associate under HIPAA. On December…
Ransomware at IT Services Provider Synoptek
Brian Krebs reports: Synoptek, a California business that provides cloud hosting and IT management services to more than a thousand customers nationwide, suffered a ransomware attack this week that has disrupted operations for many of its clients, according to sources. The company has reportedly paid a ransom demand in a bid to restore operations as…
IL: Former Lurie Children’s employee wrongfully accessed patient data, hospital says
WLS reports: Ann & Robert H. Lurie Children’s Hospital of Chicago is notifying some of its patients about a former employee’s access of patients’ medical records. On Nov. 15, the hospital learned that between Sept. 10, 2018 and Sept. 22, 2019, an employee accessed certain patients’ medical records without a business reason to do so,…