The Hospice of San Joaquin recently notified the California Attorney General’s Office that it had suffered a ransomware attack on July 2. The notification, signed by Rebecca Burnett, their CEO, states that: The data accessed may have included personal information such as full name, patient ID number, diagnoses, home address and other sensitive information. Though…
NZ: Medical centre receptionist dismissed after sharing patient history
Susan Edmunds reports: A medical centre receptionist has lost her job after telling a family gathering about a couple’s sexual health tests. The patients complained to the Privacy Commissioner when they discovered the woman had shared sensitive medical information about them. Read more on Stuff.
CBSA officer caught leaking police information to family members: internal docs
Catherine Tunney reports: A Canada Border Services Agency agent breached federal privacy law when she took a photo of confidential police information and emailed it to a member of her family, says an internal report. According to a copy of the findings, recently obtained by CBC News through access to information law, the Calgary Police…
Aussie banks warn customers after fresh PayID data breach
Ry Crozier reports: Banks have started warning customers of a fresh data breach involving PayID records that was reported to new payments platform overseer NPP Australia late Friday. NPP Australia said that an undisclosed number of PayID records “and associated data in the Addressing Service were exposed by a vulnerability in one of the financial…
Texas DIR issues update on coordinated ransomware attack on multiple government agencies
The Texas Department of Information Resources (DIR) is leading the response to a ransomware attack against entities across Texas. Below is an update as of August 20, 2019, at approximately 3:00 p.m. central time. The number of confirmed impacted entities has been reduced to twenty-two. As of the time of this release, responders have engaged…
Ireland, Poland Offer Guidance on Data Breach Response Under GDPR
Odia Kagan of Fox Rothschild writes: The Irish Data Protection Commission and Polish Data Protection Authority have issued guidance on data breach notification under GDPR in which they address the following questions, and more: When do you “become aware” of a data breach? What should a data breach notification include? How do you communicate a…