John O’Brien recaps the Accretive Health news reported on this blog last week (here, here, and here): A New York City law firm has followed up on Minnesota Attorney General Lori Swanson’s lawsuit against Accretive Health, filing a securities class action suit against the company. In January, Swanson filed a suit against Accretive, a Chicago…
ICANN to notify domain applicants of data breaches
Georgina Prodhan of Reuters reports: Organizations taking part in the most ambitious expansion of the Internet so far will find out next week whether their applications for new domain names could have been viewed by competitors as a result of a software bug. […] Beckstrom said he was confident the glitch in the system had…
Columbia U. notifies faculty and proprietors that their SSN and bank account numbers were exposed on the Internet for two years
A reader kindly alerted me to the fact that Columbia University sent out breach notices last week. The letter, dated April 21, informed recipients that 3,000 current and former employees, as well as 500 sole proprietors had their names, addresses, Social Security numbers and bank account numbers exposed on the Internet. The names of…
AU: OAIC updates data breach guidelines
Hamish Barwick reports: The Office of the Australian Information Commission (OAIC) has updated its voluntary data breach guidelines as a means of encouraging organisations to notify the public in the advent of a data breach. The new guidelines, entitled Data breach notification, update the August 2008 Guide to handling personal information security breaches. Information Commissioner, John McMillian,…
CA: Tossed tax files found
Beatriz E. Valenzuela reports that a bag of discarded tax files was found behind a Hesperia business. Thankfully, it was found by someone in law enforcement: “It was a black canvas bag full of payroll files,” Hill said, with personal information such as Social Security numbers. “There were 12 to 14 bundles of files and…
UK: ICO issues first penalty to the NHS following serious data breach
From the Information Commissioner’s Office: A Welsh health board has become the first NHS organisation to be served a monetary penalty following a serious breach of the Data Protection Act, the Information Commissioner’s Office (ICO) said today. The Aneurin Bevan Health Board (ABHB) has been issued with a penalty of £70,000 after a sensitive report…