David Lazarus reports on a rewards program that made me shudder when I read this story: Since February, CVS Caremark has been pushing its pharmacists to enroll customers in a prescription-drug rewards program. The benefit to customers is the opportunity to earn up to $50 a year in store credits that can be used to…
Ferris State University reports malware injection may have compromised employee and student Social Security Numbers (Updated)
Ferris State University in Oregon is notifying current and prospective employees and students after a malware injection may have exposed their personal information. In a letter submitted to the Vermont Attorney General’s Office, John Urbanick, CTO at the university, explained that the university became aware of the breach on July 23. They do not explain…
TX: Hard drive stolen by employee contained thousands of patients' information
Alex Belser of KTEN reports that a computer drive containing medical records of nearly 3,000 patients was stolen from the North Texas Comprehensive Spine and Pain Center in Sherman, Texas. The law firm representing the center says that there’s no indication of any misuse of the data, but the stolen external hard drive contained patients’ names, Social Security…
When applying for a job = applying to become an ID theft victim
Holding a fake jobs fair to steal people’s identity information may have seemed like a great idea to a Texas man – until he got caught.
Denver counselor notifying patients after laptop with PHI stolen from office
Anica Padilla of 7News reports that Janna Benkelman, a licensed professional counselor who has offices in Denver and Parker, Colorado, sent a breach notification to 7News after a laptop with unencrypted patient information was stolen from her office. Ms Padilla didn’t report when the theft occurred, whether it affected patients at both offices or just the Denver…
ADP coding error exposed McKesson employees’ SSN and wages (updated to include statement from ADP)
Add McKesson to those affected by a breach involving ADP that was disclosed in June. The breach also affected employees of the city of Houston and US Airways, as reported previously on this blog. On August 9, McKesson notified the New Hampshire Attorney General’s Office that it was sending out notifications to some of their employees…