Candice So reports: Well.ca, a Canadian online retailer for health and beauty products, has suffered a data breach, potentially losing the credit card information of some of its customers. In an email to its customers today, Well.ca said one of its service providers was “illegally compromised” between Dec. 22, 2013, and Jan. 7, 2014. The company…
UK: NHS in England delays sharing of medical records
Peter Walker and James Meikle report: The NHS delayed for at least six months a controversial plan to share data from people’s medical records on Tuesday following concerns from doctors and patients’ groups, acknowledging there was insufficient public confidence in the scheme. The postponement by NHS England was welcomed by critics who had complained too…
2013 Exposed Records Sets the Stage for Massive Identity Theft
From Risk Based Security: We are pleased to release our Data Breach Quick view report that shows 2013 broke the previous all-time record for the number of exposed records caused by reported data breach incidents. The 2,164 incidents reported during 2013 exposed over 822 million records, nearly doubling the previous highest year on record (2011). Although overshadowed…
Zevin Asset Management notifies clients after employee who violated company policy inadvertently exposed personal and financial information
Boston-based Zevin Asset Management recently notified some clients of a breach that began in mid-September 2013. According to a letter dated February 13 signed by their President, Benjamin Lovell: In mid-September 2013, contrary to Zevin policies, a Zevin employee used an online services provider to host a document listing Zevin’s usernames and passwords for certain…
WEDI publishes health data breach notification tips
Patrick Ouellette reports: The Workgroup for Electronic Data Interchange (WEDI) Privacy and Security Workgroup recently published its Breach Risk Assessment Issue Brief to offer reminders to healthcare organizations regarding the breach notification decision process. According to WEDI, organizations can use this brief as a reference used to help determine probability and requirements for breach notification. Read Patrick’s…
Cost of Target data breach exceeds $200M so far just for card replacement-related costs for 22M customers
From the Credit Union National Association: Financial institutions continue to respond to the massive data breach at Target. According to data collected by the Consumer Bankers Association (CBA) and the Credit Union National Association the costs associated with the Target data breech (sic) exceed $200 million. CBA estimates the cost of card replacements for its members to have reached…