Update: Double-WOW. Their breach notice is already up on the California Attorney General’s web site. According to their submission to the state, the breach occurred on April 5 and was discovered on April 12. Original post follows: Wow. AllThingsD.com is reporting: LivingSocial, the daily deals site owned in part by Amazon, has suffered a massive…
Two years after a vendor is hacked, OneWest Bank notifies customers
OneWest Bank has been notifying customers of a breach that occurred back in 2011. According to their letter, a copy of which they submitted to California under the state’s breach reporting requirements, the bank recently learned that one of our service providers, was the victim of an illegal and unauthorized intrusion into its network (“Network…
NY: Upstate University Hospital notified 283 patients after portable device with PHI stolen
Seen on YNN: A portable electronic device containing personal medical information has been stolen from Upstate University Hospital. The hospital notified 283 patients that their information may be compromised. Information on the device may have included patients’ names, date of birth, hospital medical record number, and diagnosis. The device does not include patients’ Social Security…
OH: Solon dentist charged with illegal use of state database
Here’s something that I stumbled across while researching something else. Sun News Staff reports: A Solon dentist was indicted by a Cuyahoga County grand jury earlier this month for looking up personal information on an ex-girlfriend using the Ohio State Board of Pharmacy database. Between March 10 and Dec. 26, 2012, Dr. Fred Glick, 55,…
Florida women sentenced in tax refund fraud case; bought patients' identity information
Two identity thieves involved in the South Miami Hospital breach noted previously on this blog have been sentenced. The breach had resulted in tax refund fraud for a number of the hospital’s patients. The Sun Sentinel reports Alci Bonannee was sentenced to more than 26 years behind bars and Sonyini Clay was sentenced to 10 years in…
UK: GP practice in County Armagh warned after patients’ details compromised following email attack
A GP practice in County Armagh has signed an undertaking to improve the security of patients’ information following a breach of the Data Protection Act investigated by the Information Commissioner’s Office (ICO). The breach was caused when a free web-based email account used by the Burnett Practice to inform patients of upcoming smear tests appointments…