On February 1, Coastal Cape Fear Eye Associates in North Carolina notified HHS of a hacking incident that impacted 925 patients. Unlike many other ransomware reports where there is no clear evidence of PHI acquisition or compromise, in this incident, there was evidence of actual compromise, although no evidence of exfiltration. Here is the entity’s…
Category: U.S.
Aperio Group client account data breached by successful phishing attack
On January 30, Aperio informed advisors of a data breach that occurred when two employees’ email accounts were compromised by successful phishing attacks that resulted in auto-forwarding email from those accounts to two external accounts. Aperio discovered the problem on January 11, 2018, and their investigation determined that all emails sent to those two accounts between…
Ex-student suspect in Mississippi State University records tampering case
Therese Apel reports: According to Mississippi State University officials, one former student is the target of a search warrant in an investigation into university record tampering. MSU Chief Communications Officer Sid Salter told Logan Kirkland of the Starkville Daily News that the student graduated in December. The identity of the suspect and the nature of…
Lawsuit against Rensselaer County partially revived on medical privacy issue
There’s an update to an insider-wrongdoing lawsuit that I first noted back in September, 2013, after some employees at Rensselaer County Jail filed suit against their employer for snooping in their medical records. As I’ve reported in the past, the breaches occurred against a backdrop where the county jail uses Samaritan Hospital to provide services…
California DMV worker used driver’s license records to steal identities, federal government says
Sam Stanton reports: A worker at California’s Department of Motor Vehicles, which is the subject on an ongoing federal bribery probe into the misuse of department computer files, has been accused of using driver’s license records in an elaborate mail and identity theft case. Sarah Laray Sandoval, 39, was a DMV employee with access to…
Sued by Aetna over botched mail notifications, KCC fires back, suing Aetna
“I sue you, You sue me, We both sue too easily. Too easily to let it show. I sue you and that’s all I know.” — wrote Art Garfunkel never. Alison Frankel reports: A day after Aetna sued the claims administrator Kurtzman Carson Consultants for exposing confidential medical information about Aetna clients in a settlement…