The Texas Health & Human Services Commission posted this notification to their site on June 17: The Health and Human Services Commission is notifying people about the accidental loss of protected health information. The breach may affect a little more than 600 people who applied for benefits. Iron Mountain, an HHSC contractor, was storing boxes…
Category: U.S.
NYS: Inadvertent release to adoptee of birth mother’s identity leads to reforms
Another “small” privacy breach with big impact. In this case, the big impact was an overhaul of the state’s system. From their press release: New York State Inspector General Catherine Leahy Scott yesterday released a report of an investigation that found the State Department of Health’s (“DOH”) complex and antiquated storage of vital records led to…
Information on 154 million voters exposed in the cloud – again. (Updated)
MacKeeper Security Researcher Chris Vickery has found yet another misconfigured database with U.S. voter information and profiles. This one has 154 million records. See my report about it over on the Daily Dot. One day maybe our government or state attorneys general will start actually enforcing some data security on those who create these massive…
ME: Portland Jetport loses thumb drive with personal info of 950 employees
The Bangor Daily News reports: The Portland Jetport says it’s lost or misplaced a USB thumb drive containing personal information of 950 employees. The personal information includes names, addresses, dates of birth and social security numbers. Read more on BDN. The Portland Press Herald adds that the drive, which also includes the personal information of…
Carbonite forces password reset after password reuse attack
Should a company force an entire user password reset proactively because some users’ credentials, obtained elsewhere, are being used to attempt to steal their data? Carbonite, a provider of online computer and server backup services, notified its more than 1.5 million individual and small business customers that they were forcing a password reset. The reset, announced…
OH: Trial begins for former ProMedica employee accused of illegally-accessing patient data
Amulya Raghuveer reports: A trial has begun for a former ProMedica employee charged with unlawfully and intentionally gaining access to patient data at Bay Park Hospital. Jamie Knapp was indicted in April 2015 on charges of obtaining individually identifiable health information and unauthorized access of a protected computer. The respiratory therapist is alleged to have…