Eric Larson writes that even when a physician’s posting or use of social media doesn’t violate HIPAA, it can still be problematic. Consider this case, involving an OB/GYN at St. John’s Mercy Medical Center in St. Louis, Mo. The doctor posted something on her Facebook page about a patient who continually was late or a…
Looking back at 2012 Data Breaches: RBS and OSF release QuickView report
Risk Based Security and the Open Security Foundation released a report this morning, Data Breach QuickView: An Executive’s Guide to Data Breach Trends in 2012. The report summarizes some of the major statistics for 2012, based on analysis of the incidents compiled in OSF’s DataLossDB. As most readers know by now, I am involved in…
Do Merchants That Outsource Payment Processing Still Have Risk From a Breach?
Craig Hoffman writes: Last week a small New England bakery announced that its point-of-sale (POS) devices were infected with malware that may have put card data at risk. The bakery’s letter to its customers stressed that it did not store card data on its computer systems, but the malware allowed an unauthorized person to gather card data as the…
Three breaches, some details (updated)
And yet again, HHS’s breach tool reveals breaches for which I can find no public statements or media coverage: Lee Miller Rehab Associates,MD,,10480,1/15/2012,Theft,Network Server,2/7/2013,, American HomePatient Inc.,TN,LifeGas,1103,10/11/2012,Theft,Laptop,2/7/2013,, Riderwood Village,MD,,3230,11/18/2012,Theft,Laptop,2/8/2013,, If anyone sees/find coverage, please let me know. Two of the incidents involved stolen laptops and it appears that HHS may not have notified within the…
How not to explain a breach, Sunday edition
I came across a media report on what appears to be a breach involving card numbers of guests and employees of Island Resort & Casino in Michigan. But was it their breach or not? Read the casino’s statement: We would like to address the many rumors that are in circulation regarding the harvesting of credit/debit…
Walmart: no, there’s been no breach of walmart.com
I was surprised to read a news report tonight that Walmart.com had been hacked. Part of my surprise was due to the fact that mainstream media did not have the story but a site called SandhillsExpress.com in Nebraska was reporting it: Ericka and Mike Hunt of Broken Bow were reviewing their bank account online this…