Advocate Medical Group and its parent, Advent Healthcare, may have just bought themselves a heap of problems. Storing more than 20 year-old personally identifiable data including Social Security numbers on unencrypted computers with less than strong physical security doesn’t bode well for any investigation by HHS or Illinois’s Attorney General. (corrected name on medical group)
Category: Commentaries and Analyses
Security Clearance Jobs Lost—Paying A Sky High Price For Identity Theft
Sometimes we need a reminder as to the costs of ID theft to the victims. I’m referring to the real victims – not the companies or agencies that were the custodians of our information but failed to protect it adequately, but those whose lives are disrupted in long-lasting ways because there identity information has been…
ICO provides breakdown of data breach reports
The Information Commissioner’s Office has provided an interesting breakdown of breach reports for the first quarter of their fiscal year. The data are provided by incident type and sector, here. Not surprisingly, the largest incident type was “disclosed in error.” The healthcare sector and local government reported the most breaches, but then, not every entity…
UK: Welsh councils broke data protection laws 60 times
Alun Jones reports: Local authorities in Wales broke data protection laws over 60 times in 2012, BBC Wales has learned. In one case a worker allowed their partner to access and amend personal data. There were also several cases of posting personal data on websites, and an e-mail which accidentally disclosed sensitive details of 24…
Man who tries to report breach to Sears finds himself talking to someone in India?
Here we go again. It’s bad enough to have an easily avoidable breach. It’s worse when you make it difficult for people to report it to you. Today’s entry in this Hall of Shame is Sears. Nesita Kwan reports personal information of hundreds of former Sears employees, including their Social Security numbers, photos, records with…
Is Chase’s (800) 355-5265 really their fraud detection number? (Spoiler alert: yes)
Yesterday morning, I received a call from an 800-number that was only identified on my Caller ID as “Toll-Free.” I didn’t pick up, but Googled the number and found pages of reports, many of which suggested that the number, presumably for Chase Fraud Detection, was a scam. Others claimed it was for real. Not very…