Over the weekend on PogoWasRight.org, I linked to an editorial from The Korea Herald about the sale of medical information of 43 million people (nearly 90% of the Korean population). The editorial began: A company specializing in developing medical fees settlement programs used by hospitals and the Korea Pharmaceutical Information Center — which distributed free pharmacy…
Category: Other
Abandoned autopsy lab in Tobolsk, Siberia still has medical records, human remains
This is a somewhat bizarre – and disturbing – breach involving medical records and human remains. Police have launched an investigation after an abandoned autopsy laboratory containing mummified baby remains was discovered in a park. The gruesome facility in Tobolsk, which may have been used as recently three years ago, was stumbled across by a…
Server compromised due to social engineering against ISP NFOrce
Seen on Twitter: Server compromised due to social engineering against ISP NFOrce. There will be extended downtime for forensic analysis and reinstall. — BitcoinTalk (@bitcointalk) May 22, 2015 And over on redddit, theymos writes: The forum’s ISP NFOrce managed to get tricked into giving an attacker access to the server. I think that the attacker…
New Wayland treasurer named after attempted computer breach
I don’t remember seeing this one before. Michael Wyner reports that Wayland, Massachusetts had a near-miss on having $4 million in town funds stolen by cybercriminals: Wayland Police began investigating the security breach on Jan. 30, and found that malware on one of the town’s computers was used to gain bank account information and codes. In…
Dentrix vulnerability still poses risk to patient data: researcher
In early 2014, and over on PHIprivacy.net, I published some posts expressing concern about a vulnerability in Dentrix software, Dentrix’s claims at the time that its G5 product incorporated “encryption,” and their subsequent decision that the firm would not individually notify all customers that what the customers had been sold as “encryption” was not encryption. Following up on the public posts,…
NY: Jacobi Medical Center notifies 90,060 patients after employee emailed PHI to her personal account and new email address at another employer
Jacobi Medical Center, part of the New York City Health & Hospitals Corporation, issued this statement on April 28: The New York City Health and Hospitals Corporation (HHC) this week began to notify about 90,000 HHC patients about the possible disclosure of some of their protected health information (PHI) that may have occurred when a…