There’s an update to a breach reported by MaineGeneral Health in December after the FBI alerted them in November that information had been found on an external web site. At the time of their December notification, MG had noted that the scope of the incident was still under investigation. Today, they issued a press release with…
Category: U.S.
WV: Woman says St. Mary’s didn’t protect her medical records
Kyla Asbury reports on another small-n breach case that reportedly had huge consequences for the victim: A Wayne County woman is suing St. Mary’s Medical Center after she claims it allowed people to access her private health information that should not have had access. St. Mary’s Medical Management LLC; Cabell-Huntington Hospital Inc.; Rebecca Winters, formerly…
TaxAct Acknowledges Data Breach
Jeff Goldman reports: The tax preparation solutions provider TaxAct recently began notifying an undisclosed number of customers that their personal information may have been inappropriately accessed. “We have concluded that an unauthorized third party accessed your TaxAct account between November 10 and December 4, 2015,” the company stated in a letter [PDF] sent on January 11, 2016 to those…
Improper redaction exposed Virginia employees’ personal info
Earlier this week, Jigsaw Security noted that they had discovered that improper redaction of documents posted on the Virginia Dept of Human Resource Management website was potentially exposing employees’ personal information: A PDF posted by this organization contained information that was obfuscated by blocks but was a layered image so if you edit the document the…
Nearly 21,000 customer records hit by Blue Shield security breach
Courtney Perkes reports: Blue Shield of California announced Thursday that personal information from nearly 21,000 individual and family plan customers was accessed in a security breach late last year. The information included names, addresses, dates of birth and Social Security numbers. Read more on Orange County Register. This incident does not appear to be on…
Data breach class action dismissed against SuperValu for lack of standing
Another lawsuit over a data breach has been dismissed for lack of standing. This time it’s SuperValu, who was sued for two breaches in 2014. Kathryn Rattigan writes: Last week, a Minnesota court ruled that a consolidated class action filed against SuperValu retail chain failed to assert any harm, finding that while SuperValu did suffer…