David Allison reports: Children’s Healthcare of Atlanta has fired and sued a top executive for allegedly taking the hospital’s proprietary information, including children’s patient health information, numbers assigned to health care providers by the U.S. Drug Enforcement Administration, and the state license numbers for more than 500 health care providers. In a complaint filed Oct. 25…
Florida Department of Health of Orange County discloses insider breach for tax refund fraud affecting 2,300 patients
Why report just one insider breach/tax refund fraud scheme for the day when you can report two? Here’s a statement the Florida Department of Health in Orange County posted today on their site: The Florida Department of Health in Orange County (DOH-Orange) is issuing a security breach notice to certain patients of its health centers…
Security concerns – or politics, depending on your view – prompt subpoena for Healthcare.gov data
Jaikumar Vijayan reports: A U.S. House committee chairman, citing security concerns, today ordered a Healthcare.gov contractor to provide detailed information about its work on the project. Rep. Darrell Issa, (R-Calif.), chairman of the Committee on Oversight and Government Reform chairman, Tuesday issued a subpoena for Quality Software Services Inc.’s contract with the U.S. Dept. of Health and Human…
Does Healthcare.gov violate their own privacy policy?
No, this is not on HIPAA, but Ben Simo has noted what I think appears to be a legitimate question/concern: I have read some reports that we need not be overly concerned about Healthcare.gov security because the site doesn’t keep much personal information. While we can’t into the site from outside to see what…
Hosting Service MongoHQ Suffers Major Security Breach That Explains Buffer’s Hack Over The Weekend
Alex Williams writes: NoSQL Database hosting service MongoHQ, a Y Combinator alum, has suffered a major security breach that appears to be a major factor in an attack over the weekend on Buffer, the social media scheduling service. The MongoHQ intrusion is affecting customers of the hosting service and potentially also their S3 storage accounts on Amazon Web Services (AWS). MongoHQ…
Update: Final Defendants Sentenced to Federal Prison for Participating in Identity Theft Scam
On September 30, there was an update from the IRS’s Criminal Investigation unit to an insider breach previously reported on this blog: The final two defendants charged in relation to an identity theft scam that used identities stolen from the Los Angeles County Department of Public Social Services to file fraudulent tax returns were sentenced…