AP reports: Montana health officials have fired two employees for providing the Social Security numbers and other personal information of 185 childcare providers to three state legislators. The Associated Press obtained copies of letters mailed to the Republican lawmakers from Department of Public Health and Human Services director Richard Opper asking them to destroy the…
Category: Exposure
OHSU pays nearly $3 million over two data breaches in 2013
Lynn Terry has the scoop on what appears to be a new HHS resolution agreement. There’s nothing up on HHS’s site or in my mailbox yet about this one, but I had covered the four breaches mentioned in her report as well as a more recent breach (search OHSU). Oregon Health & Science University has…
Leaky database leaves Oklahoma police, bank vulnerable to intruders
Dell Cameron reports: A leaky database has exposed the physical security of multiple Oklahoma Department of Public Safety facilities and at least one Oklahoma bank. The vulnerability—which has reportedly been fixed—was revealed on Tuesday by Chris Vickery, a MacKeeper security researcher who this year has revealed numerous data breaches affecting millions of Americans. The misconfigured…
Physician took work home, and there it stayed after his employment terminated (UPDATED)
Here’s a breach that was actually disclosed in June, but first was posted to HHS in July. Kudos to HIPAAJournal who found their statement on their website when my old eyes missed the small print. You can read HIPAAJournal’s coverage here. The following is from Midland Memorial Hospital’s statement concerning a breach that impacted 1,468 patients: MIDLAND,…
AU: Breach sees abusive dad given address to his kids
It’s these “small breaches” that are often the most worrisome, as I’ve said ad nauseum for a decade. Here’s a case where an agency screws up, and their incident response is appalling – and dare I say, negligent. Yahoo7 reports: A violent father barred from seeing his children has been handed their new address in a…
Baton Rouge police database ‘hacked’ in retaliation for killing of Alton Sterling
Patrick Howell O’Neill reports: Just days after the fatal shooting of a black man by Baton Rouge police prompted international outrage and a Justice Department investigation, the Baton Rouge city government’s servers have been “hacked” and 50,000 city police records leaked online including names, addresses, emails, and phone numbers. A hacker named @0x2Taylor claimed responsibility…