I really miss the days when NYS posted all the breach notifications it received online, but they still occasionally post breach alerts. This week, the NYS Department of Financial Services posted an alert concerning Columbian Mutual Life Insurance Company. In looking into it, I discovered that LocalSYR.com had reported the breach on April 21st: Columbian Mutual…
Category: Lost or Missing
UK: Welsh police force fined £160,000 for loss of DVDs with sex abuse victim interview
The ICO has hit South Wales Police with a £160,000 fine for losing a video recording which formed part of the evidence in a sexual abuse case. Three DVDs (one master and two copies) contained video of an August 2011 interview with a victim who had been sexually abused as a child. The victim’s face showed in the…
SC: Roper St. Francis Hospital notifying 360 patients about lost flash drive (updated)
WCSC reports that 360 patients of Roper St. Francis Hospital will be getting a letter about a lost flash drive that contained what a hospital spokesperson described as “limited patient information.” The information may be “limited,” but it still is sensitive: names, ages, diagnoses, and dates of procedures. Hospital officials say a thorough search and investigation was conducted, and…
MA: Life Care Center of Attleboro Notifies Former Patients and Employees of Missing Records
Patients at Life Care Center of Attleboro between 1992 and 2004, in 2006, or in 2011, may have been affected by a breach involving paper records. The breach involved storage vendor Iron Mountain, who was unable to locate the records during a limited audit. Although neither Iron Mountain nor Life Care Center of Attleboro seem to suspect data…
Let’s send an unencrypted thumb drive via mail. What can possibly go wrong, right?
No, Human Resource Advantage. You do not get to put an unencrypted thumb drive with employee records in the regular mail to TrustHCS and then claim you take the security of personal information in your control “very seriously.” From your own investigation, that drive contained names, Social Security numbers, dates of birth, bank account information, postal…
UK: Children’s details lost and sent to wrong place by Derby City Council employees
The Derby Telegraph reports: Derby children’s personal details have been lost and posted to the wrong address this year by city council staff. The paper filed under freedom of information and found out more about the Derby City Council‘s breaches over the past 12 months. Incidents included: a lost notepad containing details of cases “review…