A newly announced settlement between HHS OCR and Care New England reinforces what DataBreaches.net and Protenus, Inc. have been trying to remind everyone of this week: pay more attention to your business associate agreements and do so regularly. Care New England Health System (CNE), on behalf of each of the covered entities under its common ownership…
Category: Of Note
A.G. Schneiderman Announces Settlement With Trump Hotel Collection After Data Breaches Expose Over 70K Credit Card Numbers
NEW YORK – Attorney General Eric T. Schneiderman today announced a settlement with Trump International Hotels Management LLC, d/b/a Trump Hotel Collection (“THC”), involving data breaches resulting in the exposure of over 70,000 credit card numbers and other personal data. THC has agreed to pay $50,000 in penalties and to shore up its data security…
500 million Yahoo accounts breached; biggest breach ever publicly disclosed
Kim Hjelmgaard and Elizabeth Weise report: Information from at least 500 million Yahoo accounts was stolen from the company in 2014 and the company believes that a state-sponsored actor was behind the hack. The information may have included names, email addresses, telephone numbers, dates of birth, and, in some cases, encrypted or unencrypted security questions…
Dozens of clinics, thousands of patients impacted by third-party data leak
EMR4all, Inc. was a California business providing free EMR software to physical therapy, speech therapy, and occupational therapy practices that used their associated patient billing service, Rehab Billing Solutions (RBS). Over the summer, they began shutting down operations and notifying their clients of their closure. Their effort to make a graceful exit wound up marred by a data…
This Tool Lets You Check If Your Personal Info Is on the Dark Web
Joseph Cox reports: It’s pretty hard to know when your data might have been compromised. Over the last few years, an industry of threat intelligence firms has popped up that offer to monitor criminal forums, paste sites, and Tor hidden services for stolen intellectual property or customer information. Now, one of these companies is letting…
Court orders WakeMed to mitigate breach, pay fine
There’s a follow-up to a lawsuit noted previously on this site, and I think it will be of interest to those interested in healthcare sector breaches. John Murawski reports: WakeMed Health and Hospitals will soon notify thousands of patients that their personal and medical information was disclosed in court filings over six years. A federal bankruptcy…