From their notification letter, which does not explain why it took 2.5 months for them to make notifications nor where the laptop was stolen: We are writing to inform you of a data security incident at Gibson Insurance Agency, Inc. (“Gibson”) that may have resulted in the disclosure of your personal information, including your name…
Category: Subcontractor
TX: Katy ISD notifies parents after third-party error by SunGard K-12
Shelby Webb reports: Katy ISD warned about 78,000 of its students and staff members that their personal data – including social security numbers, names and birth dates – may have been accessed during a security breach. Katy officials notified parents in a letter dated Oct. 7, more than a month after it learned of the…
Curtis F. Robinson, M.D. notifies patients after ransomware attack on EMR provider
From the press release, this appears to be the same ransomware incident that Marin Medical Practices Concepts previously reported. Both MMPC Prima Medical Foundation subsequently reported that 5,000 patients were being notified that patient records were lost during the backup recovery process. Dr. Robinson’s practice appears to have been similarly affected. On August 22, 2016, Dr….
Vendor’s employee stole W-4 forms for SIRF scheme
A case involving identity theft reported by the USAO for the Middle District of Alabama this week: A Phenix City, Alabama man was sentenced to 24 months in prison today for his role in a stolen identity refund fraud (SIRF) scheme. According to documents filed with the court, Kenneth Fearson, 31, worked at a warehouse that…
Subcontractor error exposed Vermont Health Connect customers’ SSNs
AP reports: A security lapse earlier this summer has jeopardized the Social Security information of nearly 700 users of Vermont’s online health insurance marketplace. Vermont Public Radio reports officials learned of the security breach when one Vermont Health Connect customer found her name and Social Security number on an online document while conducting an internet search….
AU: Event Organizer Suffers Data Breach After Hacker Steals Mailing Lists
Catalin Cimpanu reports: Pont3, an Australian event organizer, revealed yesterday that an unauthorized party had gained access to its mailing list account and downloaded data about individuals that subscribed to various events organized by the company in the past. The intrusion took place last Thursday, on October 6, and Pont3 said the attacker gained access…