Are you surprised to see a settlement with HHS arising from an investigation that began when an entity reported a stolen laptop in 2013? Keep reading this notice from HHS to find an explanation: West Georgia Ambulance, Inc. (West Georgia), has agreed to pay $65,000 to the Office for Civil Rights (OCR) at the U.S….
US Coast Guard discloses Ryuk ransomware infection at maritime facility
Catalin Cimpanu reports: An infection with the Ryuk ransomware took down a maritime facility for more than 30 hours; the US Coast Guard said in a security bulletin it published before Christmas. The agency did not reveal the name or the location of the port authority; however, it described the incident as recent. Read more on…
As 2019 draws to a close, some entities are taking harder look at storing PHI in employee email accounts
Okay, so two exemplars doesn’t prove any kind of trend, but I’m glad to see some entities now taking steps to reduce how much PHI is stored in employee email accounts. Here are two recent incidents, both reported to HHS in December: Healthcare Administrative Partners (HAP) is a Pennsylvania-based business associate under HIPAA. On December…
UK: Home addresses of Elton John, Gabby Logan, Nadiya Hussain and every other recipient on New Year’s Honours list – including senior police and anti-terrorism officials – are accidentally published by the Cabinet Office
Oops. Ryan Fahey reports: The Cabinet Office uploaded the home and work addresses of more than 1,000 recipients of New Years’ Honours, including Elton John, Ben Stokes, Iain Duncan Smith and TV chef Nadiya Hussain. The work and home addresses of counter-terrorism officials, senior police and Ministry of Defence (MoD) staff were also included in…
IoT provider Wyze confirms server leak
Suzanne Larosa reports: Wyze, a company that sells smart devices such as security cameras, smart plugs, smart light bulbs and smart door locks, today confirmed a server leak that exposed the details of approximately 2.4 million customers. The leak occurred after an internal database was accidentally exposed online, Wyze co-founder Dongsheng Song said in a…
160,000 Belgian Allianz Partners clients affected by data theft
Oscar Schneider reports: An Allianz Partners strongbox containing back-up copies of data related to disaster claims was stolen in the Netherlands in August, the insurance and assistance company disclosed on Friday. According to an audit and analysis of the documents concerned, the strongbox contained data on 160,000 Belgian customers who had filed claims for disasters…