Sarah Michels reports: Nearly a thousand members of Kentucky Employees’ Health Plan (KEHP) were victims of a data breach that took place in late April and mid-May, according to a statement released by the Commonwealth of Kentucky Personnel Cabinet on June 2. During the first attack, from April 21 to 27, 971 KEHP members accounts…
Category: Subcontractor
“Aeries Software” Breached and Over 150 School Districts Compromised
Bill Toulas reports that more than 150 school district were compromised by the Aeries software breach. I’m not surprised, as I’ve been updating my little list of schools where I had seen breach notifications. You can find that post of mine here.
Indiana covered entities discover that their documents storage and secure destruction vendor dumped records improperly
I know the arguments against holding covered entities for auditing and monitoring their business associates periodically for compliance with any contracts, but when you don’t hold covered entities really accountable for checking that their vendors or business associates are living up to their contracts, stuff like this happens. And it can go on for years….
Class-action lawsuit filed against state contractor over Ohio Department of Job and Family Services data leak
No surprise here…. ABC6 in Ohio reports: A class-action lawsuit has been filed in the Cuyahoga County Court of Common Pleas, alleging Deloitte—the contractor the Ohio Department of Job and Family Services (ODJFS) hired to create and manage the new Pandemic Unemployment Assistance system—acted “negligently and recklessly,” leading to last week’s data leak. Read more on…
Coronavirus: Serco shares email addresses of hundreds of contact tracers in ‘privacy breach’
Matt Mathers reports: E-mail addresses of 300 contact tracers have been shared accidentally by Serco in what could be a breach of data protection rules. The government is using the outsourcing firm to help with its tracing strategy aimed at monitoring Covid-19 cases. The company has been training people to track cases of coronavirus in the UK and has so far…
Aeries Student Information System discloses breach (with updates)
Aeries Software recently announced a data breach. I didn’t see it, but a reader kindly stuck it under my cybernose today so that I could share it with you. The software firm’s notice of April 27 applies to hosted customers of their Aeries Student Information System. From their notice: What Happened? In late November 2019,…