Carl Prine of the Pittsburgh Tribune-Review reports on an investigation they conducted on privacy breaches involving veterans’ health records. Some of their findings: … VA workers or contractors committed 14,215 privacy violations at 167 facilities from 2010 through May 31, victimizing at least 101,018 veterans and 551 VA employees. Photos of the anatomy of some were posted…
Software Company Tom Sawyer Hacked, 61,000 Vendors Accounts Leaked
LeeJ writes: A hacker who uses the handle Nairb has been on a leaking streak over the past few days and to continue that they have now dumped information from a software based company. Tom Sawyer produces data visualization, layout, and analysis component software that is designed for use by application developers. Nairb has announced the leak from there…
Third-party vendor sends UVa emails to wrong addresses
Even when you don’t disclose personal information, you may get a bad reputation if your vendor sends email to the wrong parties, as this incident suggests: An email intended for applicants to a new online program at the University of Virginia instead was sent by a third-party vendor to a marketing list of people with…
Woman found with 1,000 identities charged with 62 felonies
I was reading a news story about a criminal case involving ID theft, where many of the documents with personal information may have been obtained from car burglaries, when I came across this: Police discovered about 1,000 identities along with forged documents at the two locations, prosecutors said. “Chaplin had such a large amount of…
Sentara employees plead guilty to stealing patient information for tax refund fraud scheme
Scott Daugherty has an update on an insider breach involving two former Sentara Healthcare nurse’s aides. It turns out that they accessed the information of 3,700 patients between September 2011 and April 2013. Most of the victims were patients at Sentara Virginia Beach General Hospital between September 2012 and February 2013. Sentara Healthcare’s chief privacy officer,…
Datapak notifies customers that malware may have been capturing their credit card information since March (Update4)
Datapak Services Corporation, an order fulfillment and payment processor based in Swanee, Georgia, recently learned that malware placed on their system on March 5 may have compromised the credit card information of customers of “several” e-commerce web sites. In a letter dated October 3, they note that customers’ names, addresses, and card numbers with expiration…