A campaign aide for former Republican presidential candidate Michele Bachmann sued the Minnesota congresswoman and her senior campaign aides on Monday, alleging an official stole a private email list and that she was blamed for its use. The lawsuit filed by Barb Heki claimed that Bachmann’s Iowa campaign chairman, state Senator Kent Sorenson, took the…
Hartford Hospital and VNA Healthcare notify patients after laptop stolen from vendor employee's home
Christine Dempsey reports: An [sic] laptop computer stolen from a business associated with Hartford Hospital and its sister home-health care group contains personal information of nearly 10,000 patients, the hospital said Monday. Officials from the hospital and VNA HealthCare learned on June 26 that the laptop had been stolen from the home of an employee of Greenplum,…
When security works: payroll processor prevent$ transactions
Neurocare, Inc. has been notifying some employees after one of their systems was infected by malware and the criminals acquired the firm’s login credentials to its payroll processor account. The credentials were then used to re-route direct deposits for some employees to other accounts. The scheme was foiled because Neurocare’s unnamed payment processor detected an…
PRC launches medical privacy microsite for California residents
From PRC, a new resource for California residents: Many people consider their health information to be highly sensitive, deserving the strongest protection under the law. Medical records often contain not only personal health-related information – considered by most to be strictly confidential — but also Social Security numbers and dates of birth — the keys…
Petco notifies employees of data theft from auditor’s office
The auditor is as yet unnamed, but Petco Animal Supplies notified over 500 employees that laptops stolen from their auditor’s office the weekend of May 18 -20 contained their SSN and some 401(k) information. The theft occurred in San Diego. It is not clear why it took the auditor over one month to notify them….
Oops x 2: lack of logs confounds thorough breach investigation
The Depository Trust and Clearing Corporation realized that employee information – including SSN and financial information – was improperly accessible to other employees on its intranet. But its lack of adequate logging procedures made it impossible for them to determine who may have accessed the data, they report to the New Hampshire Attorney General.