Brian Krebs reports: Orvis, a Vermont-based retailer that specializes in high-end fly fishing equipment and other sporting goods, leaked hundreds of internal passwords on Pastebin.com for several weeks last month, exposing credentials the company used to manage everything from firewalls and routers to administrator accounts and database servers, KrebsOnSecurity has learned. Orvis says the exposure was…
Category: U.S.
VA: Purcellville Sorts Data Breach Stemming from 2017 Botched Investigation
This one may be confusing to follow unless you’ve followed some issues involving this town in the past, but have a go at it anyway. Patrick Szabo reports: The Purcellville Town Council held an emergency meeting Saturday afternoon to discuss a “data security incident” related to a flash drive filled with more than 9 gigabytes…
A leak report quietly disappears, leaving questions in its wake
On October 8, Jeremiah Fowler reported that he had discovered a non-password protected database that contained what appeared to be information regarding healthcare workers and traveling nurses. If you had read the report on Security Discovery at the time, you would have read that almost one million people were potentially affected. Based on that reporting,…
Data breach put thousands of Florida Blue members’ personal information at risk
C. Isaiah Smalls II reports that the Magellan Health NIA breach reported previously on this site has also impacted Florida Blue members. Florida Blue says “less than 1 percent” of its approximately 5 million members were affected. Read more on Miami Herald. The Magellan NIA attack impacted more than 55,000 members and patients of covered…
Senator Warner wants to know what HHS OCR did in response to massive leak of patient medical images by organizations
This is a press release you may want to really read as it raises a number of important questions to HHS OCR as to how they do things — and how quickly (or not quickly). Nov 08 2019 WASHINGTON – U.S. Sen. Mark R. Warner (D-VA), Vice Chairman of the Senate Intelligence Committee and co-founder of the…
Main Street Clinical Associates, PA Notifies Patients After Looters Steal PHI
The press release below the separator on this page describes a statistically unusual incident; an explosion at a building adjacent to a covered entity caused an emergency evacuation in which files and file rooms were left open and unsecured. But then the entity and its employees were not allowed to re-enter the building for months….