Adam Poulisse reports: A computer hard drive containing patient information was stolen from FHN Memorial Hospital in December. The hard drive did not contain medical records, but did have internal reports and spreadsheets with patient data, according to a FHN news release. The files may have included a patient’s name, Social Security number, contact information,…
Category: U.S.
BJC HealthCare Accountable Care Organization Notifies Patients of Unencrypted Email
(Feb. 26, 2016, ST. LOUIS) – BJC HealthCare Accountable Care Organization (BJC ACO) has notified 2,393 patients that identifying information was sent to a participating medical practice through an unencrypted email. All affected patients have been offered identity theft protection free of charge. BJC ACO discovered on Dec. 30, 2015, that an email containing health information…
Snapchat “just impossibly sorry” after employee payroll data compromised in BEC scam
John Russell reports that a number of Snapchat’s current and former employees had their payroll information stolen after an employee fell for what has become a common attack known as BEC (Business Email Compromise). In BEC, a scammer poses as a corporate executive and sends an email requesting payroll or customer data. “Last Friday, Snapchat’s payroll department was targeted by an…
Some Time Warner Business Class customer data hacked and dumped by TeaMp0isoN
It looks like TeaMp0isoN’s been busy again. This time it’s the Time Warner Cable Business Class Managed Security Solutions portal that got hacked with the following defacement left as a message: The @TeaMp0sioN Twitter account announced the breach by Pseudo, Militis, Jimmy, and MLT on Sunday afternoon, followed shortly by a data dump consisting of 4,191 records containing…
Federal Times obtained and analyzed 26,381 security incidents reported by HHS components over a 30-month period
Kudos to Federal Times, who obtained a tremendous amount of data from HHS about security incidents involving their component systems. Aaron Boyd reports on their analysis of data, which was obtained through a Freedom of Information request. The analyses look at types of attacks by components of HHS. Here’s some of their analysis and findings: The records…
Radiology office mistakenly reveals 603 mammogram patients’ names
I’m not a fan of postcard appointment reminders for patients, as they expose the fact that the named individual is a patient of a particular doctor or practice – and sometimes, that, in and of itself, reveals more than I would want to see revealed. But under HIPAA, postcard reminders are not barred, and patients…