A breach involving Equity Trust Company in South Dakota also flew under the media radar this year, it seems. In a letter dated April 16 to the Maryland Attorney General’s Office, Michael Dea, President of the Ohio-headquartered firm, writes that at the end of January, they discovered that part of their network had been accessed…
U.S. FDA issues final rules on mobile medical apps
Toni Clarke reports: The U.S. Food and Drug Administration has issued final rules governing the development of mobile medical apps, saying it will focus its oversight on those products that have the potential to harm consumers if they do not function properly. The rules, announced on Monday, come more than two years after the FDA…
ADP coding error also impacted AlliedBarton Security Services, too
I’m still uncovering details of the ADP coding error breach that impacted employees of the City of Houston, US Airways, and McKesson. Now we can add AlliedBarton Security Services to the list of affected clients. And Lennox International. Interestingly, these newly posted reports indicate that 206 of ADP’s clients were affected by this breach. In…
Oh, those hidden fields in Excel spreadsheets: Columbia University Medical Center notifies students of breach
It seems that Columbia University Medical Center inadvertently exposed the Social Security numbers of 138 medical students from the graduating class of 2013 in an Excel spreadsheet sent to faculty, students, and staff. CUMC became aware of the breach on March 15. The breach occurred because the Excel spreadsheet with residency match lists for the graduating…
Some breaches are not as bad as HHS's breach tool might suggest
In my recent recap of new additions to HHS’s public breach tool, I noted an incident involving Summit Community Care Clinic. My summary of the breach log was: Summit Community Care Clinic in Colorado reported that 921 patients were affected by a Hacking/IT incident that occurred July 22. There is no statement or notice on their web…
Clark & Anderson accounting firm notifies thousands after unencrypted backup drive stolen from employee’s car
A Maryland accounting firm had to notify 2,906 Maryland residents after an unencrypted backup drive was stolen from an employee’s car at his home. The theft occurred on August 4, but Clark & Anderson, P.A. didn’t learn of it until August 8. In a letter dated August 30 to the Maryland Attorney General’s Office, they…