University of Florida officials have notified 2,047 people that their Social Security or Medicaid identification numbers were included on address labels affixed to letters inviting them to participate in a research study. The letters were sent through the U.S. Postal Service on May 24, and the information also was shared with a telephone survey company….
Category: Subcontractor
Bank of New York Mellon granted summary judgment in lost backup tapes lawsuit
Brandon Tavelli writes: On June 25, 2010, Judge Richard Berman of the U.S. District Court of the Southern District of New York granted summary judgment to The Bank of New York Mellon Corp. in Hammond v. The Bank of New York Mellon Corp., dismissing in its entirety a putative class action lawsuit arising from the…
UK: Council will not face censure for Data Protection error
A council which wrongly included national insurance numbers on post will not face action over the blunder. Northumberland County Council has been told by the Information Commissioner that it will not be censured over the mistake. The Journal reported in April how, due to “human error”, the authority failed to remove national insurance numbers from…
WellPoint: 940 customers’ records may have been accessed
Reuters reports on the WellPoint breach that’s in the news this week: […] The company believes that the security glitch was exploited to access information on 940 insurance applications. Separately, unauthorized viewers accessed spreadsheets that “in rare cases” contained Social Security numbers, Sanders said. WellPoint is doing forensic work to identify the applicants whose data…
New York hospital loses data on 130,000 via FedEx
Robert McMillan reports: New York’s Lincoln Medical and Mental Health Center is notifying patients that their personal information may have been compromised after seven CDs full of unencrypted data were FedExed by a hospital contractor and then lost in transit. The CDs were sent by the hospital’s billing processor, Siemens Medical Solutions USA, around March…
Commentary: Is WellPoint blaming others for breach?
Steve Ragan has a statement from WellPoint that he posted on Tech Herald. While the company doesn’t deny that the actual cause of the exposure was a faulty security update, from there, it reads as if they are pointing fingers everywhere but at themselves. WellPoint mentions the role of the plaintiff’s attorney(s): The reason that…