Jeanne Price of idRADAR interviewed a University of Maryland spokesperson about their recent breach. The interview provides a nice insider’s perspective on breach response, and you may wish to read it all here. Perhaps the most startling revelation was this one: UMD did not have a data breach crisis plan in place before the event,…
The Timken Company notifying 5,000 associates after data exposed on insecure server
Ohio-based The Timken Company, a global steel and bearing manufacturer and supplier, is notifying current and former associates and job applicants of a data security breach that occurred on January 30 and was discovered February 19. The breach occurred when a file containing personal information was stored on a server normally used for interchange of non-confidential information…
CA: San Juan Unified School District notifies parents of information security breach
Sharokina Shams reports: Officials at a Sacramento school district are notifying parents that records containing personal identifying information were found at the Southern California home of a wire fraud suspect. The San Juan Unified School District posted the information on its website Friday, one day after KCRA 3 informed the district that an FBI investigation had…
Audit finds high-risk security vulnerabilities in the automated systems used to process Medicaid claims
The Office of the Inspector General (OIG) of HHS recently released an audit that found pervasive high-risk security vulnerabilities at 10 state Medicaid agencies. The report is written so as not to provide a road map for attackers who might want to exploit the vulnerabilities but to raise awareness of concerns, i.e., the states are…
St. Joseph Health breach affected 11,800 patients
Martin Espinoza reports some additional details on the St. Joseph Health breach reported here a few days ago: St. Joseph Health mistakenly divulged the private information of 11,800 home health patients — including 1,762 in Sonoma and Napa counties — to an investment firm working on a business proposal for the health system. Neither financial information…
Two Iowa Dept. of Human Services employees blamed for security breaches of more than 2,000 Iowans' personal information
The Iowa Department of Human Services announced Friday that there was a breach in personal information related to some Polk County social work assessments. There are 2,042 individuals whose information was included in the breach, which happened during the assessment period of some child and dependent adult abuse cases. Letters were mailed this week notifying…