From the FTC: The Federal Trade Commission today announced that it has approved a Federal Register notice seeking public comment on a proposed rule that would require entities to notify consumers when the security of their electronic health information is breached. The American Recovery and Reinvestment Act of 2009 (the Recovery Act) includes provisions to…
Category: U.S.
North Carolina breach data, 2007- March, 2009
Between January 2007 and March 19, 2009, North Carolina received 231 notifications of breaches under their breach reporting requirements. NC’s statute includes breaches involving paper records as well as electronic records, but only breaches requiring notification of 1,000 individuals or more must be reported to NC’s Consumer Protection Division of the Attorney General’s Office. Hence,…
Some MFS Investment Management account information exposed in online error
On April 1, Massachusetts Financial Services Company notified (pdf) the New Hampshire Attorney General that they were informed by a customer on February 23 that an error in their online tax reporting system allowed Form 1099 tax forms of certain accounts to be viewed by an owner of one or more of these accounts. The…
Northeast Rehabilitation Hospital patient data stolen
On April 8, Northeast Rehabilitation Hospital in Salem, New Hampshire notified (pdf) the New Hampshire Attorney General that paper and electronic records with personal and medical information on 8 patients was stolen from an employee’s vehicle on March 20. The hospital provides services to patients in homes and schools, and the laptop and document were…
Former Fox Entertainment employee arrested; employee data retrieved from home
On April 9, Fox Group notified (pdf) the New Hampshire Attorney General that Fox Entertainment Group had learned that employee information including names, Social Security numbers and some compensation data had been acquired without authorization by an employee of Fox’s benefits department. The employee was terminated and subsequently arrested. When a search warrant was executed…
Five Romanians arrested for hacking into U.S. pharmaceutical companies
Dan Kaplan of SC Magazine reports that five people have been arrested for illegally accessing computer systems belonging to unnamed U.S. pharmaceutical companies. The hackers allegedly installed keylogger software to steal card data on point-of-sales systems. Lucian Constantin reports that according to a DIICOT press release (in Romanian), the remote administration system used by the…