It seems that using the new HHS/OCR web site will be even more difficult than I anticipated, as they are sorting breach reports by the date of breach, not date that the incident was added to their site, so I have to review the entire list to see what’s been added instead of just looking…
Category: Subcontractor
Update: UTMB sends more letters to possible ID theft victims
Cindy George reports that the University of Texas Medical Branch at Galveston breach reported last month was bigger than originally thought and more people have now been notified. At least 10 people have self-identified as victims of identity theft: One month after mailing letters to 1,200 patients whose confidential information may have been stolen in…
(update) Salmat caused St George data breach
Renai LeMay reports: Business process outsourcing firm Salmat has acknowledged responsibility for a data breach at St George that saw some customers of the Westpac subsidiary receive account details that belonged to other customers. “Our statement production company Salmat has acknowledged responsibility for the error which occured and is currently completing a full investigation,” said…
The evidence says “woof”
Okay, we know that law enforcement will seize merchandise purchased with stolen credit cards or obtained fraudulently. But this is the first ID theft case I’ve ever heard of where they seized a puppy. George Warren reports that a Yorkshire terrier puppy named “Treasure” was seized as part of the proceeds of an ID theft…
(update) UWMC patient financial information compromised
More on a breach reported here last week, this from Natalie Johnson: In early February, an employee of the National Collection Office (NCO) Financial Systems Inc., a debt-collection agency that UW Medicine contracts with, violated security and compromised at least 50 confirmed contacts, and as many as 80 more are being investigated. “UW Medicine was…
OCR/HHS reveals two more breaches
The public list of breaches reported to HHS under the HITECH Act was updated to add two entries. Both entries are associated with the same business associate: MSO of Puerto Rico. I do not see anything on the web sites of the covered entities or the business associate about the incident nor did I see…