From their press release: Inmediata Health Group, Corp. (“Inmediata”) recently became aware of a data security incident that may have involved the limited personal and medical information of some of its customers’ patients. Inmediata is directly mailing notification letters to individuals who may have been affected by this incident and to provide resources to assist…
Category: Subcontractor
Greek DPA Issues EUR 30,000 Fine For Data Protection Violation by Hellenic Petroleum S.A.
Hunton Andrews Kurth writes: On April 15, 2019, the Greek Data Protection Authority (“DPA”) fined Hellenic Petroleum S.A. EUR 20,000 for unlawful processing of personal data and EUR 10,000 for failing to adopt appropriate data security measures. Hellenic Petroleum S.A. had engaged a vendor to conduct a study on its behalf. The study was exposed…
Update on Meditab breach
On March 19, this blog linked to a TechCrunch report about an improperly secured Meditab fax server that potentially allowed fax images with patient information to be accessed from an analytics portal. The exposure had been found by SpiderSilk, a cybersecurity firm in Dubai, who estimated that 6 million images were potentially accessible. The TechCrunch…
Accounting firm notifies clients affected by Citrix Shareful incident
In December, 2018, Citrix forced a password reset for some of its clients due to what appeared to be a credential stuffing attack against ShareFile. But did some customers first find out about it March? On April 16, external counsel for LD Evans, CPA provided notification that began; On March 4, 2019, LD Evans learned…
UK: Law Firm Launches $6.5 Million Action Against Ticketmaster Over Data Breach
Richard Smirke reports: A British law firm has launched a £5 million ($6.5 million) legal action against Ticketmaster following last year’s security breach, which is believed to have affected up to 40,000 U.K. customers. […] The U.K. arm of Ticketmaster detected a major security breach on June 23, 2018 when it identified malicious software on…
MO: Burrell Behavioral Health notified more than 67,000 patients whose ePHI were exposed by business associate
On March 29, Burrell Behavioral Health published a news release about an unnamed business associate accidentally exposing ePHI of more than 67,000 patients back in August, 2018. Burrell’s notification, reproduced below, does not indicate when the problem was first detected nor how they learned of it, but it was they who notified their business associate…