Here we go again, it seems. No matter how irate you may be a patient’s bad review and no matter how unfair you think it may be, no, you cannot just reveal their protected health information without their consent – even if they revealed some of it themselves. Patrick Danner reports: A San Antonio doctor…
Category: Exposure
TX: Email gaffe revealed 1,417 cancer patients’ email addresses
Cindy George reports: A “carbon copy” email sent last week from the Houston Methodist Cancer Center to patients showed the addresses of all recipients, potentially revealing their identities to the public and their association with the treatment facility. Patients were alerted about the issue by Houston Methodist in a letter dated March 16 and sent…
Oh those inadequately secured backup devices…
While I’ve been busy tracking W-2 phishing scams, let’s not lose sight of the fact that there are other ways for criminals to obtain W-2 or tax information, and that human error continues to turn assets into low-hanging fruit. Interpreters Unlimited recently notified the Vermont Attorney General’s Office that the contents of an employee’s backup device were…
McDonalds India is leaking 2.2 million users data
Hackernoon writes: This is published under our responsible disclosure policy The McDonald’s India app, McDelivery is leaking personal data for more than 2.2 million of its users which includes name, email address, phone number, home address, accurate home co-ordinates and social profile links. We contacted McDelivery on 7th Feb and received an acknowledgement from a…
Affiliated Santé Group learned that patient info was exposed on GitHub for years
So there was another breach disclosed in January that I didn’t find out about until today. It’s an insider-error situation involving a software developer contractor who unintentionally exposed protected health information (PHI) of 550 patients on GitHub – for more than five years. Here is Affiliated Santé Group’s notification: January 30, 2017 RE: Notice of…
Singapore Armed Forces apologizes for data leak
Chong Zi Liang reports: The identity card numbers and photos of a batch of Singapore Armed Forces (SAF) recruits were published online by mistake last Saturday before the authorities realised the error and removed the information the next day. In a statement, Basic Military Training Centre (BMTC) commander Desmond Yeo apologised for the blunder, adding…