Tisha Lewis has an update on a previously reported incident: FOX 5 is uncovering more about a D.C. case worker who sent confidential patient files to a complete stranger she met on Facebook to lighten her workload. The files included social security numbers and medical records. It turns out this case worker also has a…
Category: Subcontractor
Third-party incidents continue to put patient ePHI at risk: Protenus
Protenus, Inc. has released its Breach Barometer for January. As they report, 2017 is starting out where 2016 left off: we are seeing an average of one breach per day involving health data. Protenus’s report, based on 31 incidents, reported that there were 388,307 breached records for the 26 incidents for which they had numbers. The single largest…
Vulnerability put 1.87 million Michigan employees at risk
Catherine Shaffer reports: As many as 1.87 million Michigan workers may have had their personal information exposed through a newly discovered security vulnerability in the computer system used by the Michigan Unemployment Insurance Agency. The information release affects workers whose paychecks are processed by a third-party payroll vendor. A software update installed in October 2016…
Target data breach settlement remanded by appeals court after two consumers raise concerns
It ain’t over until…. well, no body-shaming here, but Target is not out of the woods on litigation from their massive 2013 breach. Law360 is reporting: The Eighth Circuit decided Wednesday to send back to lower court the $10 million deal that let Target Corp. out of multidistrict litigation over its notorious 2013 data breach,…
MN: PrimeWest Health notifies members of Summit Reinsurance incident
Another entity affected by the Summit Reinsurance ransomware attack in March, 2016 is first notifying individuals of the incident. See this report about PrimeWest Health. The insurer notified HHS of the incident on December 29, reporting that 2,441 members were affected. The reinsurer’s breach was discovered on August 8, 2016, and yet affected entities are…
Dutch Cops to Warn 20,000 of Email Account Hack
Phil Muncaster reports: Police in the Netherlands are set to email 20,000 possible fraud victims urging them to change their account details, after discovering their credentials had been stolen by a man arrested last year on suspicion of multiple cybercrime offences. Police revealed the arrest of the 35-year-old man last October. He was cuffed on suspicion of hacking, fraud…