Jaikumar Vijayan reports: A U.S. House committee chairman, citing security concerns, today ordered a Healthcare.gov contractor to provide detailed information about its work on the project. Rep. Darrell Issa, (R-Calif.), chairman of the Committee on Oversight and Government Reform chairman, Tuesday issued a subpoena for Quality Software Services Inc.’s contract with the U.S. Dept. of Health and Human…
Does Healthcare.gov violate their own privacy policy?
No, this is not on HIPAA, but Ben Simo has noted what I think appears to be a legitimate question/concern: I have read some reports that we need not be overly concerned about Healthcare.gov security because the site doesn’t keep much personal information. While we can’t into the site from outside to see what…
Hosting Service MongoHQ Suffers Major Security Breach That Explains Buffer’s Hack Over The Weekend
Alex Williams writes: NoSQL Database hosting service MongoHQ, a Y Combinator alum, has suffered a major security breach that appears to be a major factor in an attack over the weekend on Buffer, the social media scheduling service. The MongoHQ intrusion is affecting customers of the hosting service and potentially also their S3 storage accounts on Amazon Web Services (AWS). MongoHQ…
Update: Final Defendants Sentenced to Federal Prison for Participating in Identity Theft Scam
On September 30, there was an update from the IRS’s Criminal Investigation unit to an insider breach previously reported on this blog: The final two defendants charged in relation to an identity theft scam that used identities stolen from the Los Angeles County Department of Public Social Services to file fraudulent tax returns were sentenced…
App For Doctors Sends Unencrypted Data
Max Eddy reports on a review of Calculate by QxMD: Appthority’s CTO Kevin Watkins writes that app fails to live up to the promises made by its own privacy policy. Specifically, the app sends private data over the network unencrypted and in plaintext. “This action directly contradicts what is stated in the app’s privacy policy: that…
Massive data breach a 'national security risk'
From The Local in Sweden: Three million Swedes may have had their medical journals available to prying eyes, after a large-scale IT failure affected patients in Stockholm and Gotland. The Dagens Nyheter (DN) newspaper, which made the discovery, reported on Wednesday that there were signs that intruders had tried to access medical journals. The medical…