The highlights of a new GAO report, INFORMATION SECURITY: VA Needs to Address Identified Vulnerabilities: While the Department of Veterans Affairs (VA) has taken actions to mitigate previously identified vulnerabilities, it has not fully addressed these weaknesses. For example, VA took actions to contain and eradicate a significant incident detected in 2012 involving a network intrusion,…
Nearly a billion records were compromised in 2014
Steve Ragan reports: In first nine months of 2014, after 1,922 confirmed incidents, criminals managed to compromise 904 million records. Many of the incidents reported in 2014 were record setting, including twenty of them that resulted in the compromise of more than a million records each. In retrospect, it can be safely said that criminals…
Ca: Western Health privacy breach lawsuit can proceed to next stage of certification of class action – court
Gary Kean reports: The Supreme Court of Newfoundland and Labrador has decided that a group of patients who had their health information inappropriately accessed by a Western Health employee have grounds to continue with a class action lawsuit against the health authority. Justice William Goodridge, who heard arguments last February from both the health authority…
Belgian activist files complaint with Belgian Privacy Commissioner over hack
This Belgian blog is really going after Mensura over the recent Rex Mundi hack, reported on this site. The blogger raises a number of good points, including the concern about Belgians providing their national registration numbers to web sites and the fact that so much medical information on named individuals has now been exposed. You…
$1.4M jury verdict against Walgreens for violating customer privacy upheld in appellate court (update)
As this blog noted in July 2013, a jury awarded a Walgreens customer $1.44 million after finding Walgreens and one of their pharmacists violated the customer’s privacy. In this case, a female pharmacist had looked up and shared the customer’s records when she suspected the female customer had shared a sexually transmitted disease with a man who was the customer’s ex-boyfriend and…
Attack reveals 81 percent of Tor users but admins call for calm
Darren Pauli reports: The Tor project has urged calm after new research found 81 percent of users could be identified using Cisco’s NetFlow tool. A research effort led by professor Sambuddah Chakravarty from the Indraprastha Institute of Information Technology in Delhi found that well-resourced attackers such as a nation-state could effectively reveal Tor users’ identity…