The newest additions to HHS’s breach tool reveals more breaches I hadn’t known about previously: Wolf & Yun in Kentucky reported that 824 patients were affected by a laptop theft on April 24th. A public notice on the breach posted in the Courier-Journal on July 20 explains: Public Notice Information on the limited theft of…
GM notifying more than 800 workers of personal information breach
Melissa Burden reports: General Motors Co. said Friday that 883 active and retired GM workers may have had their personal information exposed — including Social Security numbers — after a GM employee copied personal information just before retiring in May. “GM has completed an investigation of this incident and is contacting the affected individuals to…
Defining Reasonable Security
Tracy Kitten writes: Last month, an appellate court in Boston reversed a lower court’s ruling that favored a bank in a legal dispute over a 2009 account takeover incident (see PATCO ACH Fraud Ruling Reversed.) Was that appellate ruling fair? Based on the security practices that most banking institutions used in 2009, probably not. The case…
More transparency needed in Health Authority insider breaches
CBC News reports: Health authorities in Labrador and central Newfoundland acknowledge they have disciplined workers for previously-unreported privacy breaches. Last year, Central Health admitted to a serious breach of privacy involving 19 patients. The employee responsible was fired. Since then, the board has not publicly reported any other breaches — until being asked by CBC…
Australian Fishing Trade Association (AFTA) Hacked, 900 Accounts Leaked By #DoktorBass
Yet another Australian based website has been breached and had over 900 accounts leaked as a result. The website belongs to the Australian Fishing trade association (afta.net.au) who overlooks and helps setting standard for fishing gear and related stuff right across Australia and has been doing so since the 80’s. The attack just adds to the list of sites that we reported…
OR: Hacking cases down, still a threat: by the numbers
Some interesting stats in a news report by Queenie Wong in the Statesman Journal: Cybersecurity by the Numbers Since 2009, state agencies have been required to report the number of suspicious information security incidents to the state’s Enterprise Security Office, which is part of the Department of Administrative Services. All incidents are not necessarily considered…