In January, 2012, Zappos announced that they were notifying more than 24 million consumers to change their passwords following a hack. In the months that followed, a to-be-predicted lawsuit was filed, and state attorneys general started investigating. Eventually, Zappos settled with states, and the class-action lawsuit was dismissed in 2015. Whew, right? Not so fast, though. Ross Todd…
Category: U.S.
CO: Front Range Dermatology Associates notifies patients of insider-wrongdoing incident
Tommy Wood reports: Front Range Dermatology Associates, which has locations in Greeley, Loveland Fort Collins and Fort Morgan, suffered a breach of medical records in January, the company announced in a news release. The compromised data includes patients’ names, medical record numbers, dates of service, billing codes, names of insurance companies and dates and amounts…
Stolen University Hard Drive Potentially Exposes Thousands of Records
Robert Rodriguez reports: The theft of an external hard drive at Fresno State could expose the personal data of at least 15,000 people. The hard drive was reported missing Jan. 12 and Fresno State officials said some of the files may have contained personal information, including names, addresses, phone numbers, birth dates, credit card numbers,…
Officials: 2 ex-Florida Hospital employees stole, sold patient records
Jeff Deal and Jason Kelly report: Federal investigators said two former Florida Hospital employees stole and sold an unknown number of patient records. The hospital said it wouldn’t comment on the allegations because of a pending lawsuit, but Channel 9’s Jeff Deal uncovered a civil lawsuit against the hospital, which is separate from the criminal case,…
Flexible Benefit Service Corporation notifies 5,123 of phishing incident
Illinois-headquartered Flexible Benefit Service Corporation (“Flex”) is a general agency and benefit administrator serving insurance brokers, employers and insurance carriers. As such, they are a Business Associate to HIPAA-covered entities. The follow is from their notification of a security incident that was reported to HHS on February 16, as impacting 5,123 people. Flex does not indicate…
Professor in department of health services unintentionally releases personal student information via email
Rebecca Gross reports: On Jan. 25, 50 students and 35 faculty and staff members within the Department of Health Services received an email with a spreadsheet that contained personally identifiable information (PII) of more than 9,000 people. Amy Hagopian, associate professor in Health Services at the UW, unintentionally sent the email containing the spreadsheet to…