WBTV reports: The College Foundation of North Carolina notified participants of the NC 529 Plan that some personal information was accidentally disclosed by a third-party vendor. The foundation, CFNC, sent an email out to participants on Wednesday morning that a third-party vendor’s staging server inadvertently allowed public access to this limited information. A list of…
If you receive a breach notification letter offering you free credit monitoring….
Then Brian Kreb’s column today is a MUST READ for you. Find out what these services do – and don’t do – and what your alternatives are.
Kent Police fined £100,000 after interview tapes abandoned at former station
The Information Commissioner’s Office has served a monetary penalty of £100,000 on Kent Police after confidential information, including copies of police interview tapes, was left in the basement of a former police station. The highly sensitive information included records relating back to the 1980s, thought to have been left at the site when the building was vacated…
HHS OIG penetration testing reveals Indian Health Services network security flaws
The Office of the Inspector General of HHS has released a report on penetration testing conducted on the Indian Health Services (IHS) network in June 2013. The testing was conducted, in part, because in its 2011 audit of IT general network controls, OIG found deficiencies that could allow attackers to gain access to the IHS…
What might the FTC do about the Target breach?
Brendan Sasso reports: Target could face federal charges for failing to protect its customers’ data from hackers. The retailer has been in contact with the Federal Trade Commission, Molly Snyder, a Target spokeswoman, told National Journal. It’s unclear whether the FTC has issued any subpoenas or other formal demands for information. The FTC declined to comment…
Newborn screening bill pits medical groups against privacy rights advocates
Damned if you do, damned if you don’t? The controversial newborn blood screening program in Minnesota that I’ve mentioned before on this blog is back in the news – this time for a case where a parent wanted to access her deceased daughter’s blood screen records, only to find it had been destroyed the day…