The New York State Psychiatric Institute, a facility owned and operated by the New York State Office of Mental Health, has reported the following incident to HHS as impacting 21,880 research participants: On June 17, 2016, New York State Psychiatric Institute (NYSPI) learned that, between April 28 and May 4, certain parts of our system were accessed…
Category: U.S.
Fired employee sues SF State for $1 million after alleged hack
Golden Gate Express reports on a lawsuit stemming from a breach you may not have heard about: A former SF State information security officer claimed in a lawsuit that she was fired in a University attempt to sweep “under the rug” a 2014 hack involving a significant student records breach including financial records and password reset…
MO: Medical records for 238 Children’s Mercy Hospital patients stolen
KTTN reports that the medical records for 238 patients at Children’s Mercy Hospital were stolen from an employee’s locked vehicle on August 4. From their report, it sounds like the employee routinely needed to take records from facility to facility. They did not explain why those records could not have remained on a server that the employee…
AL: Lawsuit against Flowers Hospital could widen to include other alleged ID theft victims
Ken Curtis reports the latest developments in a lawsuit stemming from an insider breach for tax refund fraud. The former Flowers Hospital employee is currently serving a prison sentence, but now others want to join the potential class action lawsuit against the hospital. Curtis reports, in part: Legal documents show that Millender was in possession…
OneLogin reports security breach that exposed customers’ ‘Secure Notes’ data in clear text
Hyacinth Mascarenhas reports: Cloud-based identity access service OneLogin has announced a server security breach that allowed a hacker to access customer Secure Notes data due to a bug in the company’s logging system. The company said the breach occurred when an intruder managed to gain access to its logging system that stores logs and analytics…
That Dropbox hack was much bigger than previously revealed
So it only took like four years, but now we know. That 2012 Dropbox hack that recently led to additional password resets? The 2012 hack reportedly affected 68,680,741 accounts. And maybe someone can explain why in 2016 we’re all first finding out the scope of older breaches like this one and LinkedIn, Tumblr, and MySpace, to name just some….