Ken Alltucker reports: State health officials have warned 2,500 individuals and families with newborns that a box containing sensitive health, financial and personal information has been lost in the mail. The Arizona Department of Health Services said its newborn-screening program gathered the information for billing purposes. The misplaced records may include health information for children tested in…
Category: Subcontractor
Calling time of death on HHS’s “breach tool”
I was excited back in 2010 when HHS started posting breaches on what some would call the “wall of shame.” I knew that we’d only learn about breaches involving HIPAA-covered entities, but at least we were finally starting to get some actual data. Now, more than 6 years later, it’s become clear to me that it’s probably best to just call time of death…
TN: Williamson County Schools warns parents of security breach in student/teacher software
A follow-up on a breach previously noted on this site. I imagine we’ll see a number of these from school districts in the weeks and months to come. Williamson County Schools sent a message to parents Friday warning about a security breach of it’s (sic) Edmodo system putting student and parent information at risk. The…
“Shoot the messenger:” NYC hospital and vendor threaten DataBreaches.net for reporting on their security failure
Vendor’s mistake potentially exposed “millions” of Bronx-Lebanon Hospital patients’ information; Hospital and vendor try to claim that iHealth Solutions was “hacked” by security researchers who uncovered the security problem; Hospital and vendor issue series of demands, threaten DataBreaches.net for reporting on incident; On May 3, Kromtech Security’s research team, conducting routine research, found that confidential and sensitive patient…
Former Government Contractor Pleads Guilty To ID Theft Scheme
A former government contractor pleaded guilty Friday to stealing the identities of numerous co-workers to make purchases at online retailers such as Amazon, Express, and Victoria’s Secret. According to the statement of facts filed with the plea agreement, Lakeisha Bradshaw, 28, of Temple Hills, Maryland, was a government contractor employed by Veteran Solutions, Inc., and was…
UPDATE: iHealth Innovations responds to Bronx-Lebanon Hospital data security concern
Yesterday, DataBreaches.net reported on a misconfigured rsync backup that had been detected by Kromtech Security. The security firm had contacted DataBreaches.net for notification assistance on May 3 after unsuccessfully trying to notify iHealth Innovations that patient data from Bronx-Lebanon Hospital Center could be accessed and downloaded without any login required. One week later, we still do…