Illinois-headquartered Flexible Benefit Service Corporation (“Flex”) is a general agency and benefit administrator serving insurance brokers, employers and insurance carriers. As such, they are a Business Associate to HIPAA-covered entities. The follow is from their notification of a security incident that was reported to HHS on February 16, as impacting 5,123 people. Flex does not indicate…
Category: Subcontractor
Tufts Health Plan notifies 70,320 members after vendor error exposes information in envelope window
Yes, it has happened again. Protected health information exposed in an envelope window. Why do entities still use envelopes with windows? Anyway, Tufts Health Plan explains in their notification of February 16, 2018: Subject: Notice of Inadvertent Disclosure of Health Plan Information What happened? Tufts Health Plan uses a vendor to handle mailing of member…
FastHealth notifies patients of 2017 incident involving their data
In May, 2017, this site started reporting that a number of healthcare facilities had been impacted by a breach at their vendor, Tuscaloosa-based FastHealth. FastHealth provides website and operational tools and services, including online bill payment. According to FastHealth’s news release at the time, an unauthorized third party had altered code on its web server,…
UGA student accused of hacking account to change grades
Joe Johnson reports: A University of Georgia student is facing 80 felony counts for allegedly hacking into a professor’s computer to change his grades. Michael Lamon Williams, 21, was booked into the Clarke County Jail Wednesday on nine counts of computer trespass and 71 counts of computer forgery. Williams, a student of UGA’s Terry College…
Western Union Customer Data Stolen – Company Blames an Unnamed Storage Firm
Rafia Shaikh reports: Trusted Western Union with your money? It appears the company may have lost your information to hackers. While the company talks about testing transactions with Ripple and expects higher sales in 2018, it seems it’s having some troubles with security. Some of the Western Union consumers started receiving a letter from the…
UK: Scores of confidential files with personal details about abuse survivors were left in our office – and nobody seemed to care
Jennifer Williams reports: Scores of confidential social services files containing highly personal details about the lives of vulnerable young people – including abuse survivors – have been found abandoned in an empty Tameside office. The extraordinary data breach was discovered by the building’s landlord after drug service contractor Change, Grow, Live (CGL) left a fortnight…