Allie Coyne reports: More than one million personal and medical records of Australian citizens donating blood to the Red Cross Blood Service have been exposed online in the country’s biggest and most damaging data breach to date. A 1.74 GB file containing 1.28 million donor records going back to 2010, published to a publicly-facing website,…
Category: Subcontractor
SG: Fined for leaking 8,000 people’s personal data
K.C. Vijayan A printing firm hired by an insurance company sent erroneous account statements to policyholders that resulted in more than 8,000 people having their personal data leaked. The data breach by Toh-Shi Printing Singapore was its second such infringement and it was fined $25,000 last month by the Personal Data Protection Commission Singapore (PDPC)…
IL: Mercy Hospital & Medical Center notifies patients after billing service loses 547 patients’ documents
From their substitute notice: On August 15, 2016, Mercy Hospital & Medical Center discovered that some medical billing information for a total of 547 patients was potentially exposed as a result of a third-party billing service’s loss of Mercy’s documents from their offices. The information exposure occurred on August 15, 2016. We have taken the necessary…
Indiana business associate providing employee benefits management notifies 7,242 after laptop theft
From their notification letter, which does not explain why it took 2.5 months for them to make notifications nor where the laptop was stolen: We are writing to inform you of a data security incident at Gibson Insurance Agency, Inc. (“Gibson”) that may have resulted in the disclosure of your personal information, including your name…
TX: Katy ISD notifies parents after third-party error by SunGard K-12
Shelby Webb reports: Katy ISD warned about 78,000 of its students and staff members that their personal data – including social security numbers, names and birth dates – may have been accessed during a security breach. Katy officials notified parents in a letter dated Oct. 7, more than a month after it learned of the…
Curtis F. Robinson, M.D. notifies patients after ransomware attack on EMR provider
From the press release, this appears to be the same ransomware incident that Marin Medical Practices Concepts previously reported. Both MMPC Prima Medical Foundation subsequently reported that 5,000 patients were being notified that patient records were lost during the backup recovery process. Dr. Robinson’s practice appears to have been similarly affected. On August 22, 2016, Dr….