Merrit Jones and Jena Valdetero of Bryan Cave write: A number of retailers and manufacturers have recently received notices from the U.S. Consumer Product Safety Commission concerning a possible data breach. The CPSC’s letter advises recipients of an unauthorized release of confidential information that did not go through the procedures of 15 U.S.C. § 2055,…
Category: Exposure
MS: Lauderdale County employees’ sensitive information exposed
Whitney Downard reports: More than 100 Lauderdale County employees had their sensitive information shared via email to other employees covered by the county’s healthcare plan in an accidental exposure Tuesday. Personal information in the email included names, social security numbers and phone numbers. Chris Lafferty, the county administrator, inadvertently shared the information in a county-wide email sharing health…
KPMG Mexico Could Be Facing Fine of Up to $1.6 Million For Huge Data Leak Blunder
Jason Bramwell reports: Mexican authorities said KPMG Mexico could be fined as much as 30 million pesos (about $1.57 million) for exposing the confidential payroll data of employees at 41 of its clients, which was housed in an unsecured database that wound up on the Internet. According to El Economista, the National Institute of Transparency,…
AU: Centrelink privacy breach ‘horrendous’
The Australian Associated Press reports: Labor’s social services spokesperson Linda Burney has criticised the Coalition for its “mismanagement” of a remote community employment program after Centrelink clients had their details published to a public Facebook page. Dozens of names of those required to attend client meetings were uploaded by a Northern Territory work-for-the-dole provider in…
Inmediata Health Group notifies covered entities’ patients after exposure of PHI on web
From their press release: Inmediata Health Group, Corp. (“Inmediata”) recently became aware of a data security incident that may have involved the limited personal and medical information of some of its customers’ patients. Inmediata is directly mailing notification letters to individuals who may have been affected by this incident and to provide resources to assist…
Greek DPA Issues EUR 30,000 Fine For Data Protection Violation by Hellenic Petroleum S.A.
Hunton Andrews Kurth writes: On April 15, 2019, the Greek Data Protection Authority (“DPA”) fined Hellenic Petroleum S.A. EUR 20,000 for unlawful processing of personal data and EUR 10,000 for failing to adopt appropriate data security measures. Hellenic Petroleum S.A. had engaged a vendor to conduct a study on its behalf. The study was exposed…