The Yemen Cyber Army (YCA) has released more data from its hack of the Saudi Ministry of Foreign Affairs (previous coverage here and here). Media sources reported after the first disclosure that Riyadh confirmed the internal Internet network attack but disputed the extent of the hack. At this rate, their protestations might want to be walked…
Category: Exposure
Jersey City Medical Center employee gaffe exposed patients’ PHI in e-mail attachment
Add Jersey City Medical Center to entities experiencing an e-mail breach of PHI. From their statement of April 20, 2015: On February 19, 2015, as part of routine hospital operations, an employee of Jersey City Medical Center accidentally sent an e-mail meant for internal use that included an attached spreadsheet with some patient information to…
Update: Boyd Hospital recovers records that had become new building owner’s property
HIPAA Journal has an update to a situation I had previously noted on this site – a hospital that failed to remove stored medical records from a building before its new owner took possession – despite, the new owner says, repeated calls on his and a realtor’s part alerting them to the situation. The hospital attempted…
FL: Personal documents, SSN found in dumpster behind Orlando law firms
WFTV reports: Several local law firms could be in hot water for dumping sensitive information containing client information into a dumpster. Law firms are supposed to shred or burn the information, officials said, but piles of sensitive documents, including bank account information, were in plain sight. Unfortunately, they don’t report the names of the law…
United Recovery Group notifying patients of HIPAA privacy breach (updated)
Florida-based Unity Recovery Group is notifying patients of a HIPAA breach that involved disclosure of their protected healthy information to providers outside their network without prior written consent. The breach apparently began in April 2014 and continued for a full year, until it was discovered in April of this year, as their letter explains: We…
Ca: City of Oshawa reports privacy breach after 1,000 recreation user e-mail addresses released
Oshawa This Week reports: Oshawa officials are reporting a privacy breach in the recreation and culture department after a list of e-mail addresses was accidentally released. The breach affects people who authorized the City to contact them and also participated in a 2015 fitness program or registered for aquatics such as swim lessons in 2015….