The following was posted by John Donavan and attributed to Royal Dutch Shell (“Shell”) Chief Ethics & Compliance Officer Richard Wiseman: Colleagues, I am writing to inform you of an incident involving misuse of company data. It has become clear recently that the Global Address List, containing contact information of everyone in Shell and some…
Category: Of Note
(update) Ceridian computer glitch may have helped hacker
Steve Alexander reports: The hacker who stole information about 27,000 people from payroll processor Ceridian Corp. apparently had some inadvertent help from the company. According to one hacking victim, a Ceridian employee told him that his inactive, 10-year-old payroll data had been stolen because a Ceridian software glitch kept it in the company’s database long…
The state of data security – or lack thereof – in NY school districts
Yesterday, I posted an item about a Lindenhurst school district audit that indicated that a school district’s funds had been illegally transferred back in 2007 and that the district had not detected the problem. Last month, a similar situation occurred with the Duanesburg School District, also in New York. Dee Alpert, publisher of The Special…
TX: (follow-up) Memorial Hermann worker sentenced for bank fraud, ID theft
As a follow-up to a case previously mentioned on this site: A former patient care assistant of a Houston area hospital has been sentenced to prison for bank fraud and stealing the identities of patients, United States Attorney Tim Johnson announced today. Nakeshia Brown, 30, of Houston, was sentenced to a total of 60 months…
HIPAA complaints decreased significantly in 2009
The following is cross-posted from PHIprivacy.net: Dennis Melamed provides monthly HIPAA complaint statistics based reports by the HHS Office for Civil Rights (OCR). It seems that not only did breach reports in general decline in 2009 relative to 2008, but privacy and security complaints to HHS also declined. Melamed reports: OCR received 7,116 complaints in…
Iowa racetrack and casino employee data on hacked server
The Iowa Racing and Gaming Commission said Friday that its database containing licensing information of racetrack and casino employees had been compromised after a firewall was breached by an outside Internet address. A news release issued by the commission said that the breach took place Tuesday when one of the firewalls “was circumvented due to…