TTG reports: The organisation said today it had become aware of “unauthorised access to the web server supporting abta.com by an external infiltrator exploiting a vulnerability”. The web server is managed for Abta through a third-party web developer and hosting company. “The infiltrator exploited that vulnerability to access data provided by some customers of Abta…
Category: Subcontractor
NZ: Patient data system disabled after problem discovered
Eileen Goodwin reports: A new patient information system used by general practitioners had to be disabled yesterday because of a risk of data breach. The Otago Daily Times learned about the situation in a leaked email to southern GP practices. The patient information system has been introduced over the past couple of months to many GP practices…
Summit Reinsurance issues notice of breach discovered in August
Regular readers will realize that I’ve been reporting on the Summit Reinsurance breach since it first appeared in a covered entity’s disclosure back in November. Since then, I’ve been compiling and/or reporting on other entities affected by the ransomware attack that they discovered August 8, 2016. So seven months after discovery, they are first issuing a public…
VCU Health System notifies 2,700 of inappropriate access to their medical records
The Richmond Times-Dispatch reports: Virginia Commonwealth University Health System is notifying about 2,700 people that their or their minor child’s electronic medical records were inappropriately accessed over a three-year period. The university said it has no indication that the private health information has been used for any unintended purposes. The breach was found Jan. 10…
Brand New Day notifies 14,005 members after breach at vendor
From their press release of March 10: Universal Care, Inc. dba Brand New Day (BND) announced today that it has notified individuals related to a privacy incident involving information stored by a third-party vendor. The incident did not involve information that was stored or maintained on BND’s own systems. On December 28, 2016, BND learned…
Home Depot to Pay Banks $25 Million in Data Breach Settlement
Jeff John Roberts reports: Home Depot has taken another step to move on from its colossal 2014 data breach, which involved hackers stealing email or credit card information from more than 50 million customers by infiltrating self check-out terminals. In a new settlement with dozens of banks, the retailer has agreed to pay $25 million for damages they incurred…