Did no one really understand what “enhanced data sharing” would permit until now? Laura Donnelly reports: The medical records of 26 million patients are embroiled in a major security breach amid warnings that the IT system used by thousands of GPs is not secure. The Information Commissioner is investigating concerns that records held by 2,700 practices…
Category: Subcontractor
Affiliated Santé Group learned that patient info was exposed on GitHub for years
So there was another breach disclosed in January that I didn’t find out about until today. It’s an insider-error situation involving a software developer contractor who unintentionally exposed protected health information (PHI) of 550 patients on GitHub – for more than five years. Here is Affiliated Santé Group’s notification: January 30, 2017 RE: Notice of…
Samsung Leaking Customer Info, Tells Customer to Take It Up with the Shipper?!
From the add-this-to-the-list-of-concerns-about-Samsung dept. Matt Metzger writes: About four months ago, I ordered a new TV directly from Samsung’s online store. A few days later, I received a tracking link via email. http://www.agsystems.com/listhawb.asp?searchtype=hawb&searchvalue=1138977 Reusing Tracking Numbers When I first received the link, it showed an order that wasn’t my own. I assumed there was some sort of…
UK: ‘43,000 individuals’ possibly affected after ABTA web server hacked
TTG reports: The organisation said today it had become aware of “unauthorised access to the web server supporting abta.com by an external infiltrator exploiting a vulnerability”. The web server is managed for Abta through a third-party web developer and hosting company. “The infiltrator exploited that vulnerability to access data provided by some customers of Abta…
NZ: Patient data system disabled after problem discovered
Eileen Goodwin reports: A new patient information system used by general practitioners had to be disabled yesterday because of a risk of data breach. The Otago Daily Times learned about the situation in a leaked email to southern GP practices. The patient information system has been introduced over the past couple of months to many GP practices…
Summit Reinsurance issues notice of breach discovered in August
Regular readers will realize that I’ve been reporting on the Summit Reinsurance breach since it first appeared in a covered entity’s disclosure back in November. Since then, I’ve been compiling and/or reporting on other entities affected by the ransomware attack that they discovered August 8, 2016. So seven months after discovery, they are first issuing a public…