Oh the things that we learn from freedom of information requests: Personal information including medical details, a bank statement and the outcome of a disciplinary hearing are among documents accidentally leaked to members of the public in the past year, it has emerged. In Wolverhampton, a list of vulnerable people in placements was left in…
Category: Commentaries and Analyses
Failure to encrypt results in EPIC breach
Sometime in the evening of July 16 or the early morning hours of July 17, burglars managed to steal five laptop computers from the offices of Edgewood Partners Insurance Center (EPIC) in San Francisco. The theft was discovered on the 17th and reported to the police, but as of September 6, the laptops – one…
UK: ICO to scrutinize firms’ use of rogue private detectives
Cynthia O’Murchu and Helen Warrell report: The Information Commissioner’s Office is looking into whether companies and individuals broke the law by using private investigators convicted of illegally obtaining private data. Last week the ICO was given 20 files of material by the Serious Organised Crime Agency relating to four private investigators found guilty of “blagging”…
The State of Standing in Data Breach Litigation
Margaret Dale and David Munkittrick of Proskauer have this article on Law.com about the state of standing in data breach lawsuits.
Other recent breaches that flew under the media radar
State web sites that post breach reports often reveal breaches we didn’t learn about via media coverage. Here are five that I learned about in the past few days: Republic Services reported that a laptop stolen from an employee’s home contained current and former employees’ names and Social Security numbers. The theft occurred in Maricopa…
Advocate Medical Group notifying 4 million patients after burglars snatch unencrypted computers
Advocate Medical Group and its parent, Advent Healthcare, may have just bought themselves a heap of problems. Storing more than 20 year-old personally identifiable data including Social Security numbers on unencrypted computers with less than strong physical security doesn’t bode well for any investigation by HHS or Illinois’s Attorney General. (corrected name on medical group)