Oof. Community College of Allegheny County responded to a public records request concerning former students. They redacted student PII,in the spreadsheets, but due to “technical failures in the redaction process,” the data could be unmasked. Read the notification to the Vermont Attorney General’s Office.
Category: U.S.
Two newly revealed phishing attacks in 2018 potentially compromised 41,000 patients’ ePHI
Every time I think I’m ready to total out the March data on health data attacks or incidents, another incident pops up belatedly on HHS’s site. This time, there were two reports that I had to add yesterday. One was a report from Palmetto Health in South Carolina (now part of Prisma). Palmetto reported that…
Hacker breached Minnesota state agency e-mail, placing data of 11,000 at risk
Chris Serres reports: A data breach last year at the state agency that oversees Minnesota’s health and welfare programs may have exposed the personal information of approximately 11,000 individuals. The state Department of Human Services (DHS) notified lawmakers Tuesday that an employee’s e-mail account was compromised as a result of a cyberattack on or about…
Yahoo strikes $117.5 million data breach settlement after earlier accord rejected
Jonathan Stempel reports: Yahoo has struck a revised $117.5 million settlement with millions of people whose email addresses and other personal information were stolen in the largest data breach in history. The proposed class-action settlement made public on Tuesday was designed to address criticisms of U.S. District Judge Lucy Koh in San Jose, California. She…
MA: Baystate Health suffers data breach affecting 12,000 patients
AP reports: A Massachusetts hospital says a data breach exposed information about some 12,000 patients. Baystate Health of Springfield said Monday that a phishing incident resulted in unauthorized access to the email accounts of several employees between Feb. 7 and March 7. The hospital says the accounts included patient names and dates of birth, certain…
TX: Weslaco hospital: patient data potentially compromised
Weslaco Regional Rehabilitation Hospital is notifying patients their information may have been compromised, according to a news release the hospital sent Monday. The hospital’s investigation, which included a third-party forensic firm, found that some employees’ email accounts were compromised in October 2018, the news release stated. Some emails included patient data, including names, dates of…