Several weeks ago, I noted a misconfigured 2014 version of World-Check database and an analysis of its contents. The database contains information on individuals who have histories of allegedly being involved in financial crime, terrorism, or other types of crime. Banks and other institutions use such databases as part of their due diligence. Today, I see that two…
Category: Exposure
Alabama website breach revealed personal data of some state retirees
Mike Cason reports: A Mobile woman who was helping her parents with their state health insurance coverage saw names, dependent’s names, dates of birth and Social Security numbers of other insurance program members on the system’s website. Amanda Murdick said when she opened a portal for members on the website of the Public Education Employees’…
MT: State health employees fired after giving data to lawmakers
AP reports: Montana health officials have fired two employees for providing the Social Security numbers and other personal information of 185 childcare providers to three state legislators. The Associated Press obtained copies of letters mailed to the Republican lawmakers from Department of Public Health and Human Services director Richard Opper asking them to destroy the…
OHSU pays nearly $3 million over two data breaches in 2013
Lynn Terry has the scoop on what appears to be a new HHS resolution agreement. There’s nothing up on HHS’s site or in my mailbox yet about this one, but I had covered the four breaches mentioned in her report as well as a more recent breach (search OHSU). Oregon Health & Science University has…
Leaky database leaves Oklahoma police, bank vulnerable to intruders
Dell Cameron reports: A leaky database has exposed the physical security of multiple Oklahoma Department of Public Safety facilities and at least one Oklahoma bank. The vulnerability—which has reportedly been fixed—was revealed on Tuesday by Chris Vickery, a MacKeeper security researcher who this year has revealed numerous data breaches affecting millions of Americans. The misconfigured…
Physician took work home, and there it stayed after his employment terminated (UPDATED)
Here’s a breach that was actually disclosed in June, but first was posted to HHS in July. Kudos to HIPAAJournal who found their statement on their website when my old eyes missed the small print. You can read HIPAAJournal’s coverage here. The following is from Midland Memorial Hospital’s statement concerning a breach that impacted 1,468 patients: MIDLAND,…