Eight men have been arrested on suspicion of stealing 1.3 million pounds ($2 million) from a Barclays bank branch by tapping into its computers, British police said Friday. […] Detective Supt. Terry Wilson said one of the arrested men is the “Mr. Big” of British cybercrime. Police suspect that in both cases a gang member…
Audit of State University of New York at Albany reveals to-be-surplussed devices certified as “clean” still contained PII
I periodically post audits from the NYS Comptroller Thomas DiNapoli’s office pertaining to data protection. A recently released audit of SUNY-Albany reminds us that we need to continue to be concerned about inadequately wiped devices or drives that are to be surplussed. The audit period covered January – May 2012, and during that time, SUNY-Albany…
Apple now asking app developers to provide sources of medical information
Tom Lewis reports: Recently there have been signs Apple is taking the reliability and content of medical apps sold through the App Store more seriously. iMedicalApps recently reported that medical apps containing drug dosages were being rejected from the App Store. Further information has now become available that suggests Apple is now looking to ensure the information contained…
MNsure data security breach prompts new bill
Catherine Richert of Minnesota Public Radio reports: A data security breach at the state’s new online insurance marketplace has prompted two members of Minnesota’s Congressional delegation to write a bill designed to prevent confidential information from being leaked again. Starting Oct. 1, uninsured Minnesotans will be using MNsure to purchase health insurance, and they’ll have…
Windhaven Investment Management notifies customers months after vendor-maintained server was hacked (update 3)
Windhaven Investment Management is notifying clients that a server maintained by an unnamed vendor suffered an unauthorized intrusion several months ago. As a result, customers’ names, account numbers, custodians, and investment positions for their Windhaven account(s) may have been accessed. Neither Social Security numbers nor dates of birth were exposed. Windhaven learned of the intrusion last month, but…
HHS: Statement of Delay in Enforcement of HIPAA Requirement for Certain CLIA and CLIA-Exempt Laboratories to Revise their Notices of Privacy Practices (NPP)
Dated: September 19, 2013 The Office for Civil Rights (OCR) of the Department of Health and Human Services announces a delay in its enforcement of the requirement that certain HIPAA–covered laboratories revise their notices of privacy practices (NPPs) to comply with the modifications made to the HIPAA Rules published in the Federal Register on January 25, 2013…