Erin Mershon reports that a mailing error by health insurer Aetna exposed sensitive information: Thousands of people with HIV received mailed letters from Aetna last month that may have disclosed their HIV status on the envelope. The letters, which Aetna said were sent to approximately 12,000 people, were meant to relay a change in pharmacy…
Category: Exposure
KS: When your incident response creates a second problem….
On August 16, Salina Family Healthcare posted a substitute notice about a ransomware incident: Salina, Kansas – August 16, 2017 – Salina Family Healthcare Center (“SFHC”) has become aware of a data security incident that may have resulted in the disclosure of personal and protected health information of our patients and payment guarantors. Although at…
AU: OAIC investigating Flight Centre customer data leak
Allie Coyne reports: Travel agency Flight Centre is under investigation by the country’s privacy regulator after accidentally releasing personal information of an undisclosed number of its customers to third-party suppliers. The firm confirmed last month that “human error” was behind the data breach. It has not said how many customers were affected, nor what personal…
US Voting Machine Supplier Leaks 1.8 Million Chicago Voter Records
Dell Cameron reports: A leading US supplier of voting machines confirmed on Thursday that it exposed the personal information of more than 1.8 million Illinois residents. State authorities and the Federal Bureau of Investigation were alerted this week to a major data leak exposing the names, addresses, dates of birth, partial Social Security numbers, and…
MN: Error exposes private info on thousands of South Wash. Co. students
Solvejg Wastvedt reports: Leaders of the South Washington County Schools apologized Thursday for a massive, accidental release of private student information sent out in an email attachment Wednesday from the district’s transportation department. The attachment contains names, grades, identification numbers, email addresses, mailing addresses, phone numbers, bus routes, pick up and drop off times, pick…
UK: Islington Council faces huge fine after massive data breach hit 90,000 people
A London council has been fined £70,000 after it accidentally published a cache of personal data including medical details, cheques, and even one person’s prison record. Islington’s parking system website published unencrypted personal information of almost 90,000 people, meaning it could be accessed by simply manipulating a URL Read more on Evening Standard.