Children’s Medical Center of Dallas, part of Children’s Health nationwide network, has paid HHS $3.2 million to settle charges stemming from multiple breaches involving ePHI and failure to comply with the Security Rule, despite notice of their shortcomings. Here’s HHS’s press release with a link to their determination: The U.S. Department of Health and Human Services, Office for…
Category: U.S.
US charges 104 in Florida in latest ID theft-fraud roundup
AP reports: Federal authorities have charged 104 people with numerous identity theft and fraud offenses in the latest South Florida crackdown on a rampant problem involving tens of thousands of stolen personal identities. […] In one of the largest cases, an employee at Miami’s Jackson Health System is accused of stealing identities from 24,000 people…
Info of 200,000 Indycar race fans exposed in misconfigured backup
Chris Vickery writes: The online security of over 200,000 Indycar racing fans was put in jeopardy recently. Earlier this month I discovered a large collection of publicly exposed MySQL database backup files at an IP resolving to ims-mysql.indycar.com. The majority of these backups appear to be merely operational, but what stands out are the Indycar…
MLB fines Cardinals $2 million for computer hack
Brian Feldt reports: Major League Baseball on Monday afternoon ordered the St. Louis Cardinals to pay $2 million and turn over two 2017 draft selections to the Houston Astros as a result of a former Cardinals employee hacking the Astros’ computer system. The league’s decision also permanently banned Chris Correa, who was fired by the Cardinals in July 2015…
NY: Three Individuals Plead Guilty in $55 Million Health Care Fraud Scheme at Two Brooklyn Medical Clinics
As I’ve occasionally noted in the past in discussing statistics on medical identity theft, sometimes patients knowingly participate in the crime, usually by lending friends or family members their health insurance information so that others can seek care. Despite the government or other researchers’ justifications, I have argued that we shouldn’t consider such instances cases…
Payroll service mistakenly ships packages with W-2 records to wrong address — twice
It’s worrying that once again, criminals are successfully tricking employees into emailing employees’ W-2 data to them. But how about when a company just mails out W-2’s to the wrong address – and not once, but twice? The San Diego Union-Tribune reports that Paychex, a payroll service, has twice shipped scores of confidential salary records and other documents to…