The North Dakota Department of Human Services is notifying 2,452 Medicaid program recipients or their guardians/personal representatives about a breach of the recipients’ protected health information. The department is mailing letters to affected individuals and has posted a notice to its website to apologize, provide details about the breach, and offer credit/identity theft monitoring services….
Category: Exposure
AU: Cosmetic surgery online mistake allows public viewing of women’s photos, private details
Yet another breach involving a cosmetic surgery facility. This one is in Australia, not Beverly Hills…. A cosmetic surgery clinic has leaked the confidential details of hundreds of women from around Australia in an extraordinary privacy breach. Teenagers are among those left shell-shocked after their names, home addresses, Medicare numbers and medical history were posted on the…
Stephenville Medical & Surgical Clinic notifies patients after data sent to another patient in error
I wonder if this incident really occurred on May 19, 2016, or if that was a typo and they meant to write “2017.” Their press release: Stephenville, Texas, May 31, 2017 / Stephenville Medical & Surgical Clinic, P.A. (SMSC) , a multi-specialty clinic serving the Stephenville, Texas area, disclosed it was involved in a data…
Has Booz Allen Hamilton had yet another serious and embarrassing data leak?
So while I was busy trying to get from there to here, UpGuard’s new site, Cyber Resilience, released its first blockbuster report: In what constitutes the latest in a series of blows to the US intelligence community’s reputation for stringent information security, UpGuard’s Cyber Resilience Team can now reveal the discovery by Cyber Risk Analyst…
Children’s Mercy Hospital notifies parents after physician error exposes health information
Sometimes your policies are fine, but a well-meaning employee still manages to violate them. Consider this notification from Children’s Mercy Hospital in Kansas City, Missouri: Kansas City, Mo. – May 19, 2017 – Children’s Mercy’s information security department recently discovered an unauthorized website that contained certain patient information. The information had been collected by one…
UK: Fury as Basildon Council is fined £150k after accidentally publishing travellers’ private details online
Charles Thomson reports: Basildon Council has been fined £150,000 for breaching the Data Protection Act, after accidentally publishing a resident’s details on the council website. The council published a planning statement on its website but failed to redact private information before making it public. The private information remained online for six weeks before eventually being…