There’s a bit of an unusual development to an incident that was first reported on DataBreaches.net. As reported previously, The leak of data on AWS from Systema Software impacted numerous individuals who filed insurance claims – primarily in California, Kansas, and Utah. In addition to personal and financial information, the leak also exposed proprietary information such as legal…
Category: Subcontractor
CORRECTIONS
A post describing a massive data leak/exposure incorrectly identified CSAC as one of the entities whose data were exposed. CSAC informs this site that it was CSAC-EIA, a separate organization. DataBreaches.net apologizes to CSAC for the error and has corrected the post. In that same story, York Insurance Group was also incorrectly listed as an affected…
Oops! Error by Systema Software exposes millions of records with insurance claims data and internal notes (Update3)
Insurance carriers, third party administrators (TPAs), and self-insureds had claims data exposed when a cloud-hosted claims management service inadvertently left their databases and files unprotected on a public server. Another week, another infosecurity failure that exposed oodles of personal information. This time, it’s a leak that not only exposed insurance claims data, but allegedly included internal documents that reveal how…
NC: Charlotte-Mecklenburg Schools notifies 7,600 job applicants of privacy breach
Adam Bell reports: Charlotte-Mecklenburg Schools has notified about 7,600 job applicants that their personal information, including Social Security numbers, was shared with an outside contractor without their consent. […] In a statement Tuesday morning, CMS said that one of its employees entered into an agreement with a vendor prior to obtaining proper authorization, and that resulted…
CVS confirms customer data stolen in PNI Digital Media attack (updated)
There’s an update to the PNI Digital Media breach that affected the online photo centers for major retailers such as CVS, Costco, Walmart, RiteAid, Sam’s Club. The breach was first disclosed over the summer, but now AP reports that investigators for CVS have not only confirmed the hack, but some customers’ information may have been…
DoD Issues Interim Rule For Contractors on Incident Reporting and Cloud Computing Services
Joe Lazzarotti writes: Government contractors have a wide range of unique challenges (find out more about these here), not the least of which is data security. A good example is the interim rule the Department of Defense (DoD) issued last month that implements sections of the National Defense Authorization Act for Fiscal Years 2013 and…