The Progress-Index reports: VCU Health System is notifying about 4,700 individuals that their or their minor child’s electronic health information was inappropriately accessed. There is no indication that the private health information has been or will be used for any malicious purposes. The matter came to light on May 9, when an unusual pattern of…
Category: Health Data
Only researchers accessed the exposed 211 call logs – Los Angeles County
There is a follow-up to an incident involving exposed Los Angeles County 211 call logs. The misconfiguration had been discovered by UpGuard and was reported in May. Now the County has submitted its report to the California Attorney General’s Office. It states, in part: Our investigation determined that the incident was caused by an employee…
WI: Manitowoc County data breach affected personal health, medical information
Alisa M. Shafer reports: Manitowoc County officials have released more information about a data breach of a Manitowoc County email account in January. The press release from June 22 states: “On or around January 14, 2018, an unauthorized party was able to gain access to a Manitowoc County email account most likely through what is called…
Humana notifies members after credential stuffing attack on Humana.com and Go365.com
Health insurer Humana recently began notifying an unspecified number of health plan members after detecting and blocking a credential stuffing attack against Humana.com and Go365.com. The attacks took place on June 3 and June 4 from overseas IP addresses. In a notification letter dated June 21, Jim Theiss, Humana’s Chief Privacy Officer, writes: On June 3,…
Associated Dermatology and Skin Cancer Clinic notifies patients after journal stolen from employee’s car
Associated Dermatology and Skin Cancer Clinic of Helena notified 1,254 patients of a breach of unsecured personal patient protected health information. On May 26, an Associated Dermatology employee learned that someone had broken into her car and taken a journal she had been keeping for personal use to assist her in her care of Associated…
UK: Anger after data of hundreds of patients at GP practice is sent out in post
Lewis Clarke reports: Data of hundreds of residents who had not had an NHS health check have been sent to a patient by mistake. The data breach was discovered by staff at Amicus Health which runs Clare House Surgery on June 15 when a list containing the name, date of birth, age and gender of…