Kimberly Bosco reports: New York-based health insurance provider EmblemHealth, Inc. is paying the state of New Jersey a hefty fine for disclosing confidential personal information of over 6,000 New Jersey customers. Attorney General Gurbir S. Grewal and the Division of Consumer Affairs announced on Dec. 10 that EmblemHealth will pay NJ a $100,000 civil penalty….
Category: Exposure
Thielen Student Health Center accidentally leaks patient names, appointment dates
Kaitlyn Hood reports: Thielen Student Health Center (TSHC) experienced a data leak where inadvertently disclosed student information could be seen. Erin Baldwin, director of Thielen Student Health Center said on Nov. 5 the TSHC experienced a breach in their system when a coding error occurred as they put student information into a system to be…
Bethesda’s support site leaked people’s real names and addresses
Matt Cox reports: In a security breach last night (now resolved), Bethesda’s support site revealed the personal information of customers who’d submitted support tickets. The details – which included people’s names, addresses and phone numbers – mostly belonged to Fallout 76 Power Armor Edition buyers, who were after a replacement canvas bag for the nylon…
Florida contractor physicians’ group settles HHS claims after they failed to have a BA agreement in place with a vendor who had a breach
There is a follow-up to a 2014 breach reported on this site at the time. But it turns out there was an interesting twist to this case that HHS followed up. Here is their press release: Advanced Care Hospitalists PL (ACH) has agreed to pay $500,000 to the Office for Civil Rights (OCR) of the…
Jared, Kay Jewelers Parent Fixes Data Leak
Brian Krebs reports: In mid-November 2018, KrebsOnSecurity heard from a Jared customer who found something curious after receiving a receipt via email for a pair of earrings he’d just purchased as a surprise gift for his girlfriend. Dallas-based Web designer Brandon Sheehy discovered that slightly modifying the link in the confirmation email he received and…
AU: Commonwealth Bank customers’ medical data exposed in potential privacy breach
Dan Oakes reports: The Commonwealth Bank is urgently investigating a potential data breach that may have given its staff access to customers’ sensitive medical information. The issue was discovered around late July as the bank made preparations for the $3.8 billion sale of its insurance arm, CommInsure, to the AIA group. Medical information supplied by…