Erin McCann reports: The new 2014 Verizon Data Breach Investigations Report highlights a concerning carelessness regarding privacy and security, specific to the healthcare industry. “They seem to be somewhat behind the curve as far as implementing the kinds of controls we see other industries already implemented,” said Suzanne Widup, senior analyst on the Verizon RISK…
How to lose a customer with one email gaffe, Tuesday edition
An Account Executive at Square wanted to introduce herself to clients in her area, so she sent a friendly email to them today: Hi there, I wanted to reach out to let you know my team realigned territories and I will be your new point of contact moving forward. I’d love to set up a call…
Iowa State IT staff discover unauthorized access to servers
Posted by Iowa State earlier today: Information technology staff at Iowa State University have discovered a breach affecting five departmental servers on campus. An extensive analysis has revealed the compromised servers contained Social Security numbers of 29,780 students enrolled at Iowa State between 1995 and 2012. There’s no evidence any of the data files were…
Massachusetts AG Coakley Investigates Potential Data Breach Involving Major Credit Reporting Company; Issues Consumer Advisory
Press release from Massachusetts Attorney General Coakley: Following reports that criminals were able to gain access to a commercial database that contained the personal information, including social security numbers, of more than 200 million U.S. citizens, Attorney General Martha Coakley, along with attorneys general across the country, have opened an investigation into the data broker…
Latest update to HHS breach tool discloses previously unknown breaches
HHS has another big update to their public-facing breach tool. While many of the incidents they have added have already been noted on this blog, there are some ones that have not been mentioned here previously. Here are the incidents we did know about already (links are to previous coverage of the incident on PHIprivacy.net):…
UK: Confidential records mistakenly sent to all students at Penryn College
Penryn College has apologised “unreservedly” after accidentally emailing confidential pupil details to all students. A weekly summary of all students’ commendations and behaviour incidents was sent before the start of the Easter holidays. Read more on The Packet. h/t Jon Baines