As I’ve lamented (ok, bitched) many times: trying to notify an entity of a privacy or data security concern can be time-consuming and frustrating if the entity does not provide a clear means to notify them or doesn’t respond to your e-mails or calls. If you are thinking of trying to notify Maricopa County, Arizona…
Category: Of Note
Anyone know what healthcare facilities these are? 655,000 patient records up for sale on dark net (UPDATED)
Seen up for sale on a forum (I’m redacting the ads and samples): Healthcare Database (48,000 Patients) from Farmington, Missouri, United States This product is a considerably large database in plaintext from a healthcare organization in Farmington, Missouri, United States. It was retrieved from a Microsoft Access database within their internal network using readily available plaintext…
AL governor axes officials, asks FBI for help after finding unauthorized access to state’s criminal justice database
Paul Gattis reports: Gov. Robert Bentley has fired a high-ranking official in the state department of finance and placed a second on leave after concerns of a computer security breach emerged. The breach came to light following an investigation by the Alabama Law Enforcement Agency, according to a letter Bentley wrote June 10 to the FBI….
Former ProMedica therapist convicted of illegally obtaining patient data
An update on a previously noted insider breach case. From NBC24: A former ProMedica respiratory therapist has been convicted in federal court of illegally obtaining health information while employed at Bay Park Hospital. A trial began against Jamie Knapp, 27, began on Monday in U.S. District Court in Toledo. The former ProMedica employee was tried…
Information on 154 million voters exposed in the cloud – again. (Updated)
MacKeeper Security Researcher Chris Vickery has found yet another misconfigured database with U.S. voter information and profiles. This one has 154 million records. See my report about it over on the Daily Dot. One day maybe our government or state attorneys general will start actually enforcing some data security on those who create these massive…
LinkedIn data breach blamed for multiple secondary compromises
Steve Ragan reports: The LinkedIn compromise has been linked to a number of confirmed incidents where data exfiltration has taken place. It’s possible these incidents are only the tip of the iceberg though, as many of the organizations compromised are service providers with access to customer networks. […] Multiple industry sources have shared additional details…