Sometimes, despite your best efforts to deal with a malware problem, the system can be re-infected, as Birmingham-based Colonial Properties Trust learned back in April and May. CPT reports that they promptly contacted a forensics firm after detecting malware on their system, and within three days of detection, the malware had been eradicated. One week later,…
Executive Accounting Services notifies clients of security breach involving their personal and banking information
Executive Accounting Services, Inc. is a Raleigh, North Carolina firm that provides payroll and tax preparation services to clients. As such, it maintains information on the clients’ employees, including names, postal and email addresses, checking and savings account numbers, telephone or cell numbers, and Social Security numbers. On September 17, EAS was notified by some…
Privacy breach at Northern Inyo Hospital could result in criminal charges
From today’s Inyo Register in Bishop, California: Local law enforcement has opened an investigation into the theft of medical records from Northern Inyo Hospital in a case that has shaken community members and NIH itself. This past summer, hospital officials noticed that an employee in the records department had illegally obtained and was in possession…
Ouidad notifies customers after customer data viewed or obtained
Hair care product manufacturer and e-tailer Ouidad is notifying customers that they were recently alerted to a compromise of their customer database that occurred between June 30 and July 4. In a letter to those affected, they write: It appears the attackers obtained or viewed information about one or more transactions you completed at Ouidad.com…
French Data Protection Authority CNIL Announces New Online Notification Procedure For Reporting Data Breaches
Cynthia O’Donoghue and Daniel Kadar write: France’s data protection authority, the Commission Nationale De L’informatique et Des Libertés (CNIL), released a new mandatory online notification procedure for French electronic communications service providers (Providers) to rapidly report data breaches to CNIL in compliance with new EC Regulation (No.611/2013) (the Regulation). Any data breach must be reported to CNIL via a…
Broward Health Medical Center notified by law enforcement that employee stole face sheets
Another insider breach in a Florida healthcare facility where the covered entity only learned of the breach via notification by law enforcement. Maria Mallory White reports: A former Broward Health Medical Center employee took documents containing the personal information of nearly 1,000 patients in a data breach uncovered by local and federal officials, the Fort Lauderdale health system announced…