No matter what sector, no matter what country, there are employees who can’t seem to resist misusing their access to databases for snooping or personal reasons. Today’s example involves the Gardai in Ireland: Confidential information on six “high-profile” personalities on the Garda Pulse computer system was accessed “inappropriately” by members of the force. The multiple…
Settlement of Lawsuit against Stanford Hospital & Clinics and Former Vendor Gets Tentative Approval
Back in August 2011, Stanford Hospital & Clinics (SHC) disclosed that medical records for 20,000 emergency room patients, including names and diagnosis codes, had been exposed on a public website due to the actions of a former billing contractor’s employee who, seeking help converting the data, had uploaded the file on the “Student of Fortune” website. Both…
Current and former Weather Shield employees continue to battle identity theft
Just a quick update to the Weather Shield case – where employees have been victims of tax refund fraud for the past three years, although Weather Shield says there is no evidence that they had a breach: so far this year, there have been 24 cases of tax refund fraud. And for the life of me,…
GA: Dozens of Watershed Management Employees’ Identity Stolen for Tax Refund Fraud
Ross McLaughlin reports: 11Alive’s Center for Investigative Action has uncovered a very suspicious case of identity theft involving several employees in Atlanta’s Watershed Management. It raises a lot of cases about a possible data breach. There’s no evidence yet to suggest the breach occurred within the city, but it’s suspect, considering that so many employees…
VA: Security breach leaves Richmond firefighters’ social security numbers exposed
WTVR reports: Though the Richmond Fire Department spokesperson believes it was a mistake, a file containing all department Social Security numbers was exposed online. A file was created that contained all department Social Security Numbers, it was a file created for users that needed access to the information, according to Lt. Robbie Hagaman. For example, if…
Law firm notifies employees after vendor’s server accessed
So here’s another case where a vendor’s database was accessed by someone who was able to acquire a client’s login credentials: The international law firm of McKenna Long & Aldridge notified the Maryland Attorney General’s Office on February 26 that 441 current and former employees’ W-2 information and other information were involved: As a result…