Courtney Godfrey reports: Taking work home with you sounds like something a hardworking employee would do, unless that work includes private, sensitive data like it did with one employee in Wright County. The county knew about the data breach for seven months before notifying possible victims. It wasn’t until FOX 9 filed a public records…
Category: U.S.
Contra Costa Health Plan notifying patients after discovering contractor had used falsified identity to get contract
It seems Contra Costa Health Plan discovered that a contractor that they had hired and who had access to EHR beginning on December 1, 2014 had used a falsified identity to get the contractor position. The position involved access to EHR as part of the contractor’s functions relating to utilization management. In a letter to…
Hackers fooled Save the Children into sending $1 million to a phony account
Todd Wallack reports: Save the Children Federation, one of the country’s best-known charities said it was the victim of a $1 million cyberscam last year. The Connecticut-based nonprofit said hackers broke into a worker’s e-mail, posed as an employee, and created false invoices and other documents, to fool the charity into sending nearly $1 million…
GA: Mind & Motion notifies 16,000 after ransomware attack
One of the newer incidents appearing on HHS’s public breach tool this week is a report from Mind & Motion, LLC in Georgia. Mind & Motion offers various types of therapeutic modalities. On September 30th, 2018, they discovered that their server had been attacked with ransomware. In a notification to patients, they write: We have…
San Bernardino Community College District notifies students whose personal info was exposed in spreadsheet gaffe
Errors involving spread sheets continue to contribute to breaches. Consider this description in a notification from San Bernardino Community College District – Crafton Hills College Campus. The breach occurred on October 25: What HappenedWe recently learned that a District employee inadvertently sent a spreadsheet containing certain individuals’ information to a community college distribution list. Although the…
Federal data privacy bill introduced by 15 US senators
Laura Hautala reports: The US doesn’t have a single data privacy law that applies to all fifty states. On Wednesday, a group of 15 US senators indicated it wanted to change the status quo, introducing the Data Care Act. The bill (PDF) would require companies that collect personal data from users to take reasonable steps to safeguard the information….