In doing some of my weekly investigating, I discovered that OCR seems to have closed its investigation into the Bizmatics, Inc. breach that affected an untold number of PrognoCIS customers and their patients. At last count, I think we knew about almost 300,000 patients that were notified of an incident where Bizmatics could not even…
Category: U.S.
Details emerge on Cefalu Eye-Tech of Green breach
As much as I try to find or obtain details on breaches in a timely fashion, it’s not always possible. For example, this month, there are several entities who reported breaches to HHS but have not responded to email and/or phone requests from this site for explanations of their incidents. But now we finally have…
Dropbox: Resetting passwords to keep your files safe
It looks like Dropbox had a late discovery on scope of a previously reported breach. From their blog yesterday: If you signed up for Dropbox prior to mid-2012 and haven’t changed your password since, you’ll be prompted to update it the next time you sign in. We’re doing this purely as a preventive measure, and there is…
Unorthodox Muddy Waters Partnership Targets St. Jude’s Devices
More on a situation I noted yesterday. This approach to using/monetizing vulnerability discoveries is downright scary…. but will it work to improve security? Here’s one of your must-reads for today. Jordan Robertson and Michael Riley report: When a team of hackers discovered that St. Jude Medical Inc.’s pacemakers and defibrillators had security vulnerabilities that could put…
Roman Seleznev Found Guilty on 38 Counts
I guess the jury didn’t buy the defense’s claim that the government had tampered with the evidence on Seleznev’s laptop. A federal jury yesterday convicted a Vladivostok, Russia, man of 38 counts related to his scheme to hack into point-of-sale computers to steal and sell credit card numbers to the criminal underworld, announced Assistant Attorney…
Tennessee dentist notifies patients of possible data theft by employee
As seen on the web site of Dr. Richard Boehm: As required by law, this notice is to inform our patients that some of your confidential personal information may have been compromised. It has come to our attention that an employee may have printed documents containing some of our patients’ personal information from our computer…