When Radiology Regional Center in Florida disclosed that paper records had been lost or fallen off the truck of its vendor, Lee County Solid Waste Division, they reported that they believed that they had retrieved all the records, but they were notifying all potentially affected individuals: Radiology Regional Center has advised potentially impacted patients to (1) place a…
Category: Subcontractor
Commenters on Henry Schein consent order: FTC was too lenient
Public comments on the consent order in FTC v. Henry Schein Practice Solutions are now available. The FTC will be responding to commenters, but I wanted to note one particular point raised by commenter because I hadn’t considered it when I filed my complaint with the FTC, and I think the commenters are right. Note that I did not submit…
FL: Radiology Regional Center Notifies Patients After Paper Records Fell Out of Vendor’s Truck
Radiology Regional Center, PA, a physician-owned and managed diagnostic facility with nine locations in Florida, announced today that on December 19, 2015, Radiology Regional Center was informed by its records disposal vender (sic), Lee County Solid Waste Division (“Lee County”), that, on that same date, paper records containing the personal information of Radiology Regional Center’s…
22,000 dental patients’ info exposed on unsecured Eaglesoft FTP server
Eaglesoft software by Patterson Dental is a popular patient management system. But just as one security researcher had concerns about patient data security in Henry Schein’s Dentrix G5 software, he’s also had concerns about Eaglesoft, albeit for different reasons. He contacted this site on February 6 and notified CERT of his concern: Eaglesoft does seem to…
Misconfigured MongoDB installation left Microsoft careers site vulnerable to attack
Chris Vickery writes: An exposed database was serving potentially arbitrary HTML through the mobile version of Microsoft’s careers page (m.careersatmicrosoft.com). Punchkick Interactive is a mobile web development company. Microsoft relies on Punchkick to handle the database that powers m.careersatmicrosoft.com. The bad news is that, for at least the past few weeks, this backend database has…
NOT SO SECURUS: PART 2 Lawyers Speak Out About Massive Hack of Prisoners’ Phone Records
The Intercept follows up on its earlier report in which a hack of Securus revealed that 70 million phone calls had been recorded – many involving what should be privileged communications between attorneys and their clients. Jordan Smith and Micah Lee report: The Intercept’s analysis, to the contrary, estimated that the hacked data included at least…