Bill Laitner reports: A Catholic agency in Lansing that handles payroll processing and employee benefits across Michigan is the state’s latest victim of a major cyber attack. The Michigan Catholic Conference sent letters this week to more than 10,000 employees, warning them that their personal information has been compromised, officials said Friday. […] Although the…
Category: U.S.
Duty of confidentiality trumps your desire to defend your reputation
Remember when Prime Healthcare and Shasta Regional Medical Center were fined by federal and state agencies for breaching patient privacy? They had willfully disclosed patient details to the media after the media had reported the patient’s complaint about them. At the time, I noted that just because a patient discloses information, that does not give the covered entity the…
Boston University notifies medical research participants after server compromise
When a Boston University server was used to launch attacks against a system in Nova Scotia in May, the Nova Scotia network administrator contacted BU to alert them. BU’s month-long investigation revealed that one of its servers had been compromised – possibly by a hacker in Russia – in March 2015. Of note, the compromise…
“Small” breach, big impact, redux
In November 2013, I blogged about the case of a privacy breach at Northern Inyo Hospital that was so devastating to the patient that she was going to move away. The breach was a willful insider breach that impacted a custody dispute. That same year, and unbeknownst to most people, there was a lawsuit filed over another insider…
MA: Records request yields heavily redacted letter sent to state Attorney General in wake of Amherst website data disclosure
An update to a previously noted breach. Scott Merzbach reports: A public records request by the Daily Hampshire Gazette seeking more information about the disclosure of residents’ personal information through the Amherst municipal website yielded a heavily redacted letter that collector and treasurer Claire McGinnis sent to state Attorney General Maura Healey, notifying her office…
Man linked to JPMorgan hacking in talks to resolve U.S. case: filing
Nate Raymond reports: A Florida man accused of running an unlicensed bitcoin exchange and who is among five defendants linked to last summer’s massive data breach at JPMorgan Chase & Co is in talks to resolve his criminal case, according to court papers filed Friday. In a court filing in federal court in Manhattan, a…