So there was another breach disclosed in January that I didn’t find out about until today. It’s an insider-error situation involving a software developer contractor who unintentionally exposed protected health information (PHI) of 550 patients on GitHub – for more than five years. Here is Affiliated Santé Group’s notification: January 30, 2017 RE: Notice of…
Category: U.S.
Missouri sheriff’s office leaked audio of police informants and victims after ransomware attack
Dell Cameron reports: A data breach at a Missouri law enforcement agency in January left thousands of sensitive records exposed online, including jail incident reports, arrest records, and more. Security researchers who discovered the breach at the Warren County Sheriff’s Department say the leaked backup files—numbering in the hundreds of gigabytes—also include multiple audio recordings…
Did you hear the one about a Secret Service agent who left a laptop in her car?
From the I-Can’t-Even dept.: An unoccupied vehicle with Maryland plates was broken into and a bag with a laptop and other items belonging to a Secret Service agent was stolen, sources told CBS2. The break-in happened outside of the agent’s home in Bath Beach, Brooklyn, sources said. It’s not like there was anything important on…
NYS Tax Department: 65 companies have been victimized by tax scams
WHEC reports: The state Tax Department is warning companies and workers after it says 65 companies with New York employees have been victimized by tax scams. As a result, 7,100 Social Security numbers across the state have been compromised, the department says. Read more on WHEC.
Metropolitan Urology Group Notifies Almost 18,000 Patients of Ransomware Attack That Exposed PHI
As seen on the group’s web site: On January 10, 2017, Metropolitan Urology Group (MUG) was made aware that a ransomware attack that occurred on November 28, 2016 exposed certain patient health information to the hackers who infected two MUG servers with the ransomware virus. MUG has been working with a premier, international information technology…
“Curious” employee snooped on thousands of St. Charles Health System patient records
And this, kids, is why you need to monitor employee access to patient records and audit over longer periods. Kyle Spurr reports: A caregiver at St. Charles Health System accessed nearly 2,500 patients’ electronic medical records without authorization from the hospital. The caregiver told the hospital she viewed the files out of curiosity. Her actions…