Brian Krebs reports: Identity theft protection firm LifeLock — a company that’s built a name for itself based on the promise of helping consumers protect their identities online — may have actually exposed customers to additional attacks from ID thieves and phishers. The company just fixed a vulnerability on its site that allowed anyone with…
Category: U.S.
SC: Roper Hospital patient records in courier’s stolen car
Rebecca Collett reports that a courier for Roper Hospital had a suitcase with patient records stolen on July 3 while she was paying for gas: The medical records were in a locked suitcase in the car, according to Andy Lyons, the Director of Corporate Communications for the hospital system. The records belong to 133 patients…
MO: Blue Springs Family Care notifies 44,979 patients after ransomware attack
I read an article recently that cited a study by Cryptonite claiming that according to HHS’s breach tool, it appears that ransomware attacks are down in the healthcare sector this year. My mental response was just to shrug because I’ve already declared time of death on using HHS’s breach tool as any kind of serious…
OR: City of Medford notifies 1,842 after malware attack
Kimberly Kolliner reports: It’s estimated 1,842 Medford residents may have been impacted by a City of Medford data breach. The city’s online utility billing service that was infected with malware. The security breaches happened between February 18th through March 14th and March 29th through April 16th. June 5th is when forensic investigators determined the breach…
OR: Lane County Health and Human Services says more than 700 patients and clients had their files lost or possibly destroyed
Bryan Anderson reports: Lane County Health and Human Services announced the loss of 49 boxes containing patient and client information Tuesday night. The boxes contained 566 Community Health Centers of Lane County patient medical information files and 149 Lane County Developmental Disabilities client files. Those files included medical histories, addresses, contact information and social security…
Clark University notifies students of phishing incident
Clark University in Massachusetts began notifying some students whose personal information, including Social Security Numbers, were in an employee’s email account that had been accessed. According to their notification dated July 20, the university’s investigation revealed that an unauthorized individual could have accessed the employee’s email account between March 19 and March 23rd. From the wording…