Phoenix Cardiac Surgery, P.C., of Phoenix and Prescott, Arizona, has agreed to pay the U.S. Department of Health and Human Services (HHS) a $100,000 settlement and take corrective action to implement policies and procedures to safeguard the protected health information of its patients. The settlement with the physician practice follows an extensive investigation by the…
UK: Web exposure breach at Toshiba last summer revealed … today?
Toshiba Information Systems (UK) have breached the Data Protection Act (DPA) after the personal details of 20 competition entrants were compromised by a security flaw on their website, the Information Commissioner’s Office (ICO) said today. The ICO was informed by a member of the public in September last year that the personal details of individuals…
UK: Briefcase stolen from social worker's home contained details of child protection cases
Leicestershire County Council have breached the Data Protection Act (DPA), following the theft of a briefcase containing sensitive personal data from a social worker’s home, the Information Commissioner’s Office (ICO) said today. The ICO was informed by the Council in May 2011 that a briefcase, containing documents to be used for initiating court proceedings, had…
Computer specialist who had warned Iranian banks about vulnerability, hacks and dumps 3 million accounts to make his point
Is it just me, or have these folks missed the point? From The Tehran Times: A computer specialist, who used to work for a PSP (payment service provider) company which offers a number of Iranian banks services for accepting electronic payments, has hacked accounts of three million bank customers to show the vulnerability of the…
Duke University Health System notifies patients of breach-that's-not-called-a-breach? (updated)
If you’re not familiar with bankruptcy proceedings, you may be as confused by this breach notice by Duke University Health System as I was. After reading it a few times, I finally thought I may have understood what happened, but then I read Jeff Drummond’s blog post as to why the DUHS never called this…
BPAS hacker sentenced to jail
James Jeffery, who pleaded guilty to hacking the British Pregnancy Advisory Service in March, has been sentenced to two years and eight months in jail.