Val Verde Regional Medical Center recently discovered a security breach involving a small number of the facility’s overall patient population. On or about Aug. 9, 2015, an independent healthcare provider downloaded unsecured protected health information and emailed it to a personal account without encryption protection. In addition, the independent contractor was not authorized to access…
Category: Subcontractor
Vulnerabilities in a Third-Party Healthcare Payment Processor
Randy Westergren looked into Christiana Care’s online payment portal, which involves a third party payment processor developed by BYL Companies, LLC. What Randy found was very concerning, and he promptly notified BYL of his findings. You can read his write-up of it all on his site. So here’s the thing: how many people may have actually exploited the vulnerability…
Data breach exposes thousands of expats’ details in Thailand
AFP reports: The personal details of thousands of foreign nationals living in the South were briefly leaked online in what the site’s developer admitted Monday was a data breach during a test for police. The leak comes as the government nation pushes ahead with a much publicised crackdown against foreign visa overstayers and criminals, with…
A.G. Schneiderman Announces Settlement After Social Security Numbers Of Over 500 Job Applicants Posted Online
The NYS Attorney General’s has announced a settlement following a data breach I never heard about. And I’m guessing that some people will grumble that the monetary penalty is too light. NEW YORK – Attorney General Eric T. Schneiderman today announced a settlement with Doritex Corp. and its website developer Kallus Opraments, involving the disclosure…
NY: Focused Technologies Imaging Services to pay more than $3 million for illegal and covert outsourcing of 16 million fingerprint cards to India for data entry
New York State Inspector General Catherine Leahy Scott and Attorney General Eric T. Schneiderman today announced that an Albany-area tech company and its principals will pay more than $3 million in fines for violating State contract security protocols by outsourcing millions of fingerprint records containing sensitive personal information to a company in India for data…
Illinois Valley Podiatry Group warned 26,588 patients after contractor hacked (Update1)
So I had missed this item from the Journal Star on March 8th: The Illinois Valley Podiatry Group, 3322 W. Willow Knolls Drive, has announced that it has became aware of unauthorized access to its computer records, believed to have taken place last year. The names, addresses and Social Security numbers of patients may have…