Several weeks ago, Katy ISD in Texas started notifying 11,658 current and former employees that their SSN and personal information were on a flash drive that was lost by an IRS employee during an audit. Today, Landan Kuhlmann reports that the district enrolled all the affected employees in a credit-monitoring program provided by iLock360 for…
Category: Lost or Missing
Lawrence General Hospital notifies patients after thumb drive discovered missing
Lawrence General Hospital in Massachusetts has sent notification letters to 2,071 patients after a thumb drive with patient information was lost. The notification was made August 7, almost two months after the hospital discovered that the drive was missing from a secured hospital laboratory. The drive had been last seen on June 6, and was discovered missing…
TX: IRS employee loses flash drive with 11,000 Katy Independent School District employees’ SSN
Sofia Ojeda reports: More than 11,000 workers’ personal information, including birth dates, addresses, and Social Security numbers were potentially leaked during a random IRS audit. […] In an email to Katy ISD employees obtained by KPRC 2, Katy ISD Superintendent Alton Frailey explained the security breach. He said that Wednesday, the IRS conducted a random…
Privacy breach no more: Eastern Health finds missing USB in file folder
CBC News reports: Eastern Health says it’s found the missing USB flash drive containing thousands of employees’ personal information — it was in a file folder in the Human Resources department the whole time. The health authority reported a privacy breach June 19 when a drive containing sensitive information of 9,000 employees went missing. Read…
UK: Brunel University London signs undertaking to provide staff training in data protection
Brunel University London agreed to sign an undertaking with the Information Commissioner’s Office (ICO) after an incident involving the loss of 10 boxes with seven personnel files and 61 Transfer of Undertakings (Protection of Employment) [TUPE] files. According to the undertaking, the incident occurred following an office renovation to remove asbestos. Brunel University London staff members…
UK: ICO issues £180,000 civil monetary penalty in wake of data breaches
The Information Commissioner’s Office (ICO) has issued civil monetary penalty (CMP) of £180,000 to the Money Shop in the wake of two incidents in 2014 that led to a fuller investigation of the Money Shop’s data protection policies and procedures. As described in the notice, on April 16, 2014, a Money Shop store in Lurgan, Northern Ireland was…