Madison Parish Hospital Service District reported that 1,436 patients were impacted by an incident reported to HHS as Unauthorized Access/Disclosure of PHI located on “Desktop Computer, Email.” A notice on their web site provides some addition information: NOTICE OF PRIVACY BREACH We take patient privacy very seriously, and it is important to us that you…
Category: U.S.
Seattle University laptop containing 2,000 Social Security numbers lost
Asia Fields reports: Seattle University is warning that the names and Social Security numbers of more than 2,000 people could be exposed after a university-issued laptop was lost last month. Files containing information for 2,102 current and former faculty, staff and their dependents are accessible from the unencrypted laptop, which a university employee lost on…
Charles River Laboratories discloses a breach, but details are lacking
From their SEC filing: On April 30, 2019, Charles River Laboratories International, Inc. (the “Company” or “Registrant”) notified clients of unauthorized access into portions of its information systems. Promptly upon detection of unusual activity in its information systems in mid-March, the Company commenced an investigation into this incident, coordinated with U.S. federal law enforcement, and engaged…
Job recruitment site Ladders exposed 13 million user profiles
Zack Whittaker reports: Ladders, one of the most popular job recruitment sites in the U.S. specializing in high-end jobs, has exposed more than 13.7 million user records, following a security lapse. The New York-based company left an Amazon -hosted Elasticsearch database exposed without a password, allowing anyone to access the data. Sanyam Jain, a security…
AZ: Is a Desert Valley Dental breach ongoing? And did OCR order them to notify patients?
So this is something that I don’t recall ever seeing before as part of an initial breach disclosure. CBS5 reports: A Phoenix dental office has an ongoing breach of protected health information, Arizona’s Family learned Monday. The U.S. Department of Health and Human Services Office of Civil Rights ordered Desert Valley Dental to inform the…
SkyMed Medical Evacuation Membership Service Exposed Data of 137k Members
Jeremiah Fowler reports on another unsecured elasticsearch database that his firm has found: On March 27th I discovered an unsecured Elasticsearch database that contained what appeared to be members of a medical evacuation membership service. Upon further inspection of the data there were many references that the data allegedly belonged to Florida based SkyMed. It…