For more than one year, employee data of approximately 8,500 Department of Social Services employees was exposed online due to an error by contractor Business Information Services. Paul Karp reports that the compromised data included: credit card information, employees’ names, user names, work phone numbers, work emails, system passwords, Australian government services number, public service classification…
Category: Subcontractor
Social Security numbers of 2,100 Maine foster care participants posted online
J. Craig Anderson reports: The names, addresses and Social Security numbers of roughly 2,100 Mainers who receive foster care benefits were accidentally posted to a public website in September, the Maine Office of Information Technology said Monday. The incident was the responsibility of an employee of a contractor, Knowledge Services, who still has a contract…
Cook County Health and Hospitals System Patients Impacted by Experian Health Breach
HIPAA Journal reports: Cook County Health and Hospitals System, a health system comprising two hospitals and more than a dozen community health centers in Cook County Illinois, has alerted patients to a breach of their protected health information. The breach occurred at Experian Health, a business associate of Cook County Health and Hospitals System. Experian…
Security flaw may have exposed personal info on 21,000 Utah Express Pass users
Oops? Art Raymond reports: A vigilant UDOT Express Pass customer discovered a glaring security breach in the third-party website that manages pass accounts, but state officials don’t yet know if the personal information of approximately 21,000 current and former customers has been compromised. That information on customers who have purchased passes for accessing HOV lanes…
Midland County notifies residents of data breach
Violet Trevizo reports: The Midland County District Attorney is warning residents after their third-party payment system was hacked. According to a press release, information entered into a third-party payment system could have been compromised back on Sept. 6 due to a security breach. Since the forensic investigation was not conducted by the vendor, Midland County…
Reserve Bank of India Fines Yes Bank $1 Million for Tardy Breach Reporting
Suparna Goswami reports: The Reserve Bank of India has slapped a $1 million (U.S.) penalty on Yes Bank for failing to promptly notify the central bank of a 2016 data breach of its ATM network. This is reportedly the first such penalty imposed on a bank. OK, this was a breach of the Yes Bank…