From Bloomberg Law: Because the plaintiffs failed to demonstrate actual injuries, arts and crafts retail chain Michaels Stores Inc. Dec. 28 dodged a federal court putative class action over a data breach that compromised approximately 2.6 million payment cards. Dismissing the suit without prejudice, Judge Joanna Seybert of the U.S. District Court for the Eastern District of…
Category: U.S.
Henry Schein settles FTC charges it misled customers about encryption of patient data
It appears the FTC acted on a complaint I filed with them last year concerning Henry Schein Dental’s use of the word “encryption” in their marketing and their refusal to individually notify customers that the “encryption” provided by Dentrix G5 was not NIST-grade encryption that would give them Safe Harbor under HIPAA. Background on my concerns…
Southern New Hampshire U. still investigating database leak exposing over 140,000 records
Steve Ragan reports: Southern New Hampshire University (SNHU) says they’re still investigating how a database containing some student and class information was exposed to the public. The database was discovered by researcher Chris Vickery shortly before Christmas. Vickery turned to Salted Hash for assistance in resolving the matter, as previous attempts to contact the university…
Washington Hospital Healthcare System notifies individuals of breach
Washington Township Health Care District (Washington Hospital Healthcare System) recently notified the California Attorney General’s Office of a breach. Their template of their notification letter was uploaded yesterday. The letter, signed by Kristin Ferguson,, Chief of Compliance, explains that the District learned on October 8th that an unauthorized individual may have gained access to a computer associated with…
Bucking Clapper? Massachusetts court holds patients have standing to sue based on mere exposure of data alone
In August, 2014, I noted a report involving a transcription contractor of Boston Medical Center exposing patient information on the Internet. BMC notified approximately 15,000 patients and fired MDF Transcription Services because of the incident. Of note, BMC told patients in a notification letter that it had no reason to believe their information had been misused…
OH: Regional Income Tax Agency loses DVD with personal info for 50,000 people, offers free credit monitoring
Bruce Geiselman reports: The Regional Income Tax Agency announced Dec. 31 that nearly two months earlier it lost personal data for about 50,000 people who filed tax forms with the agency. A backup DVD with the information cannot be located, according to RITA. The agency says it will provide one-year of free credit monitoring to those affected. Read…