Jason Kelly and Megan Cruz report: A 27-year-old student and a 32-year-old employee at Embry-Riddle Aeronautical University were arrested Thursday after police said they hacked into the school’s computer system. Investigators said Kevin Scott, a Ph.D. student, and Jeanette Barott, a communications specialist in the College of Engineering, hacked into the university’s computer system to…
Category: U.S.
900+ residents’ information compromised in Town of Christiansburg data security breach
WDBJ in Virginia reports: The town of Christiansburg is offering free credit monitoring to more than 900 people after their information was compromised in a phishing scam. The scam targeted email accounts of three town employees which contained personally identifiable information from some members of the public, the town said in a news release. There…
Allegiant Air customers say airline sent personal information to hundreds
Todd Ulrich reports: Some Allegiant Air customers claim the airline violated their privacy and shared their sensitive information. Customers who have used service and emotional support animals found out their personal email addresses were sent to hundreds of passengers. Action 9 consumer investigator Todd Ulrich reports a class action lawsuit is demanding the airline protect…
IL: Center for Vitreo-Retinal Diseases notifies more than 20,300 patients after ransomware attack
On November 16, the Center for Vitreo-Retinal Diseases in Illinois notified HHS of a breach that they coded as “unauthorized access/disclosure” involving PHI on the network server. Here is the notice on their web site that describes what the ransomware incident: The Center for Vitreo-Retinal Diseases has become aware of a potential data security incident…
Amendments to data breach notification law in Colorado impact HIPAA-regulated entities
Kiss that 60-days to notify patients HIPAA bit goodbye if you’re doing business in Colorado. Julie A. Sullivan and Loreli Wright of Greenberg Traurig, LLP write: Passed during the 2018 state legislative session, House Bill 18-1128 went into effect on Sept. 1, changing Colorado’s law on the protection of personally identifying information and the procedure businesses must…
Georgia Spine and Orthopaedics of Atlanta notifies 7,012 patients after phishing attack
Another day, another successful phishing attack in the healthcare sector. From the web site of Georgia Spine and Orthopaedics of Atlanta: Georgia Spine and Orthopaedics of Atlanta (“GSO”) was a recent victim of an email “phishing” scam that resulted in unauthorized access to an employee’s email account. “Phishing” involves scammers sending emails that look legitimate,…