So I asked you to let me know what you thought the worst health data breaches of 2017 were. I’ve gotten only a few responses, but they all agree with each other. But let’s hear what you think. You can email me your picks or thoughts at admin[at]databreaches[dot]net or tweet them to me at @PogoWasRight…
Category: Of Note
Health open data bungle meant Aussies could be identified
Note: this report out of the University of Melbourne is a follow-up study related to a breach disclosed in 2016. Allie Coyne reports: Researchers from the University of Melbourne have been able to easily re-identify patients from confidential data released by the federal Health department, without using decryption methods. Dr Chris Culnane, Dr Benjamin Rubinstein…
Researcher claims LinkedIn ignored security flaw, but did they?
Tom Warren reports: Khalil Shreateh, a self-professed IT expert from Palestine, hit the headlines four years ago when he hacked Facebook CEO Mark Zuckerberg’s wall. Shreateh was frustrated that Facebook was ignoring a big security flaw, so demonstrating it on Zuckerberg’s own Facebook wall was an easy way to get the company to act. Shreateh…
21st Century Oncology settlement with HHS over 2015 data breach came with a $2.3 million price tag
There’s an update or follow-up to a breach involving 21st Century Oncology that was first reported on this site in March 2016. The breach, which they first learned of in November 2015 when federal agents contacted them, was the second breach in as many years that the entity had neither prevented nor discovered under its…
Federal Court Permits Former Employees’ Data Breach Claims to Move Forward
Jeffrey M. Schlossberg writes: A data breach occurs in which an outside individual obtains your company’s employees’ W-2 forms including social security numbers, addresses, and salary information. As a result, your company notifies all affected employees, explains what occurred, and offers a complimentary two-year membership to a service that helps detect misuse of personal information. …
UK: Hacker known as “‘Courvoisier” pleads guilty to hacking details of 165,000 people from sites including T-Mobile, Uber, and Groupon
Ashitha Nagesh reports: A cybercriminal has admitted hacking companies including Uber, Sainsbury’s and Groupon in order to sell users’ personal data on the dark web. Grant West, 25, got hold of the details of 165,000 customers of the online takeaway service Just Eat over a five month period, between July and December 2015. […] Appearing…