Vendor’s mistake potentially exposed “millions” of Bronx-Lebanon Hospital patients’ information; Hospital and vendor try to claim that iHealth Solutions was “hacked” by security researchers who uncovered the security problem; Hospital and vendor issue series of demands, threaten DataBreaches.net for reporting on incident; On May 3, Kromtech Security’s research team, conducting routine research, found that confidential and sensitive patient…
Category: Exposure
Email gaffe exposes more than 700 Rutland Regional Medical Center patient email addresses in survey request
April McCullum reports: Rutland Regional Medical Center is facing privacy questions after sending out a patient survey that revealed more than 700 email addresses. The hospital sent an electronic survey this month about how the hospital could improve its patient discharge paperwork, according to a copy obtained by the Burlington Free Press. Hundreds of email addresses in the “To”…
Attorney’s confidential files on abused children scattered on street
Gabrielle Fonrouge, Kevin Fasick and Natalie Musumeci report: A court-appointed lawyer left documents containing the names and addresses of child-abuse victims — and even explicit details about their cases — to be scattered along a busy Midtown street, The Post has learned. The alleged breach of confidentiality involved 13 city and state case files that…
Ca: Children solely affected by OHIP privacy breach
Johanna Weidner reports: Personal information for thousands of children was mailed to strangers in an OHIP privacy breach. The province confirmed Thursday that all the incorrectly printed health card renewal notices it mailed belonged to children who have a birth date in early July. A printing mistake on the double-sided form resulted in a mismatch…
NYU Accidentally Exposed Military Code-breaking Computer Project to Entire Internet
Sam Biddle reports: IN EARLY DECEMBER 2016, Adam was doing what he’s always doing, somewhere between hobby and profession: looking for things that are on the internet that shouldn’t be. That week, he came across a server inside New York University’s famed Institute for Mathematics and Advanced Supercomputing, headed by the brilliant Chudnovsky brothers, David and Gregory. The…
UPDATE: iHealth Innovations responds to Bronx-Lebanon Hospital data security concern
Yesterday, DataBreaches.net reported on a misconfigured rsync backup that had been detected by Kromtech Security. The security firm had contacted DataBreaches.net for notification assistance on May 3 after unsuccessfully trying to notify iHealth Innovations that patient data from Bronx-Lebanon Hospital Center could be accessed and downloaded without any login required. One week later, we still do…