Darren Fishell reports: Malware on a computer at the Brunswick Hotel and Tavern exposed names and credit card information for as many as 2,600 guests who stayed at the hotel between November 2014 and July 2015. The company managing the hotel notified customers of the breach in a letter dated Aug. 21 and posted to…
Former Cambridgeshire detective sentenced for theft and Data Protection Act breach
The Peterborough Telegraph reports that a former Cambridgeshire police officer has been sentenced after pleading guilty to theft and computer misuse. Matt Bailey, 50, who retired earlier this year, was given a 16-month jail sentence, suspended for two years, at Lincoln Crown Court today (September 2). Bailey, formerly a detective constable based at Ely Police Station,…
Cancer Care Group settles HHS charges over “widespread noncompliance” with HIPAA Security Rule; $750,000 fine and corrective action plan
In August 2012, I noted a breach involving the theft of backup media from an unattended vehicle of a Cancer Care Group employee. The backup contained information on 55,000 patients and employees. Now, more than three years later, HHS has announced a settlement with CCG over the breach. As seems to be their style, they…
UK: WHSmith “bug” spams confidential customer details from “contact us” form
James Temperton reports: WHSmith‘s website has randomly sent out hundreds of private emails to people on its mailing list. The issue appears to come from a broken “contact us” form, with anything customers send through the form being erroneously sent to hundreds of WHSmith’s customers. Details included in the emails include real names, phone numbers,…
UK: London clinic accidentally exposes HIV status of 780 patients
Joseph Patrick McCormick reports that 780 patients at the 56 Dean Street sexual health clinic in London had their names, HIV status, and contact details exposed to one another. The breach occurred when an employee sent out an email newsletter but put the mailing list in the “To:” field instead of the “bcc” field. The clinic…
Meanwhile, back at the OPM breach….
Victims of the breach still have not been notified. OPM will start sending postal laters “later this month.” The government will spend $133 million on identity theft protection services. With options, it could go up to $330 million. ID Experts (Identity Theft Guard Solutions LLC) got the gig to provide the service, which will provide…