Joseph Patrick McCormick reports that 780 patients at the 56 Dean Street sexual health clinic in London had their names, HIV status, and contact details exposed to one another. The breach occurred when an employee sent out an email newsletter but put the mailing list in the “To:” field instead of the “bcc” field. The clinic…
Category: Health Data
UCLA Health notifying patients of stolen laptop containing personal health information; third breach report in as many months?
Hard to believe, but UCLA Health is notifying patients of yet another data breach. From a notice issued today: UCLA Health is sending notification letters to 1,242 individuals about the theft of a laptop computer containing patient names, medical record numbers, and health information used to help prepare patient treatment plans. No social security numbers,…
Ca: Hospital clerk pleads guilty to stealing, selling patient records
An update from Marco Chown Oved on the Rouge Valley Hospital insider breach reported last year: A former Rouge Valley Hospital clerk has pleaded guilty to stealing thousands of patient records and selling them to financial brokers over the course of more than a decade. Shaida Bandali, 61, who worked at Rouge Valley from 1995-2014,…
Boston University notifies medical research participants after server compromise
When a Boston University server was used to launch attacks against a system in Nova Scotia in May, the Nova Scotia network administrator contacted BU to alert them. BU’s month-long investigation revealed that one of its servers had been compromised – possibly by a hacker in Russia – in March 2015. Of note, the compromise…
“Small” breach, big impact, redux
In November 2013, I blogged about the case of a privacy breach at Northern Inyo Hospital that was so devastating to the patient that she was going to move away. The breach was a willful insider breach that impacted a custody dispute. That same year, and unbeknownst to most people, there was a lawsuit filed over another insider…
Chicago Woman Indicted For Stealing Identities Of Nursing-Home Residents
A Chicago woman sought federal tax refunds through a series of fraudulent returns she filed in the names of other people, including a number of nursing-home residents who had no knowledge that their personal information was being used, according to a federal indictment announced today. SHANTELL WINTERS, 28, prepared and electronically filed a dozen individual…