Elliot Health System is notifying some of its patients after four computer work stations with unencrypted names, addresses, telephone numbers, dates of birth, limited health information such as billing codes, Social Security number for at least one patient, and Tufts Health Plan insurance number for at least one patient were stolen. EHS became aware of the breach on March…
Lawsuit against Eisenhower Medical Center dismissed on appeal
There’s an update to a lawsuit that followed a breach involving a computer stolen from Eisenhower Medical Center in 2011. As reported at the time, the types of unencrypted patient information on the computer was confined to an electronic index patient names, ages, dates of birth, the last four digits of the Social Security numbers…
TradeMotion hacked
Oops. It seems TradeMotion, who describe themselves as the “Preferred Automotive Dealer eCommerce & Data Services Provider”- was hacked, and customer data compromised. Now one of their clients, AutoNation, is notifying some of their online customers that hackers may have accessed their names, postal and email addresses, telephone numbers and credit card numbers between March…
Why Investors Just Don’t Care About Data Breaches
Eric Chemi reports: On May 21, EBay revealed that it had suffered a cyber attack and data security breach, and users’ information—names, account passwords, e-mail addresses, physical addresses, phone numbers, and birth dates—was exposed to hackers. While security experts, the news media, and actual EBay users may have all been alarmed, the stock investors weren’t. EBay’s stock finished…
Audit of Broome County discusses need for control of USB devices
The Office of the NYS Comptroller has released its audit of Broome County‘s information technology for the period January 1, 2012 — August 20, 2013. From their summary: Local governments use and maintain data that contains PPSI. PPSI is any information where unauthorized access, disclosure, modification, destruction or disruption of access or use could severely impact the County’s critical…
San Diego State University notifies students of information exposure
So as if we didn’t have enough breaches in higher education recently, San Diego State University is notifying students who were enrolled in Pre-College Institute programs that their name, Social Security number, date of birth, address, and other personal information was in a database that enabled any computer connected to the SDSU wired network (offices,…