Sandra Chereb reports: Auditors delayed release of a report detailing security vulnerabilities in state databases to protect the information of tens of thousands of current and former state employees and their beneficiaries, a legislative committee was told Tuesday. Douglas Peterson, information systems audit supervisor, told the Legislative Audit Subcommittee it was the first time he…
Category: U.S.
IL: Mercy Hospital & Medical Center notifies patients after billing service loses 547 patients’ documents
From their substitute notice: On August 15, 2016, Mercy Hospital & Medical Center discovered that some medical billing information for a total of 547 patients was potentially exposed as a result of a third-party billing service’s loss of Mercy’s documents from their offices. The information exposure occurred on August 15, 2016. We have taken the necessary…
Hackers stole credit card data from Republican website for 6 months: Report
Andrew Blake reports: A Republican Party website that sells bumper stickers and T-shirts advertising presidential candidate Donald Trump was compromised earlier this year by hackers who spent several months silently stealing credit card details and other personal information from purchasers, according to a Dutch security researcher. The digital storefront used by the National Republican Senatorial…
$2.14 million HIPAA settlement underscores importance of enterprise-wide risk analysis
St. Joseph Health (SJH) has agreed to settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy and Security Rules following the report that files containing electronic protected health information (ePHI) were publicly accessible through internet search engines from 2011 until 2012. SJH, a nonprofit integrated Catholic health care delivery…
Indiana business associate providing employee benefits management notifies 7,242 after laptop theft
From their notification letter, which does not explain why it took 2.5 months for them to make notifications nor where the laptop was stolen: We are writing to inform you of a data security incident at Gibson Insurance Agency, Inc. (“Gibson”) that may have resulted in the disclosure of your personal information, including your name…
Yahoo Loses Search Engine Partner, First Since Data Breach Reveal
Laurie Sullivan reports: A little-known search engine that focuses on user privacy has canceled its partnership with Yahoo. StartPage made the announcement Monday. “We can no longer have confidence in them,” according to StartPage CEO Robert Beens. He predicts that while his company is the first to part ways with Yahoo, others will likely follow….