When HHS’s breach tool reveals a breach I was not already aware of, I try to investigate or find media sources. Sometimes, despite my efforts, I can find nothing online to clarify a breach report. In some cases, I write to the organizations, who may – or may not – answer. Here are some breaches…
Missing or stolen Logan County Emergeny Ambulance Service Authority laptop contained data on over 12,000 patients
Logan County Emergeny Ambulance Service Authority in West Virginia notified HHS that a missing laptop contained protected health information on 12,563. The only coverage I can find on this was in the Logan Banner on November 18. Martha Sparks reported: Area residents who have been serviced by LEASA (Logan Emergency Ambulance Service Authority) may have their…
UK: Morecambe Bay Hospitals Trust under fire: Crudely-titled email sparks watchdog probe
Helen Perkins reports: A government watchdog has launched an investigation into an incident where midwives emailed an crudely-titled file with confidential patient details to an unknown party. The Health Service Ombudsman plans to probe staff at Furness General Hospital over a breach of data protection. Despite its confidential nature, an email by the University Hospitals…
AU: Railcorp blunder as personal details offered in rail sale (updated)
Finders, keepers? Can you just auction off lost USB drives left on trains without regard to whether they contain sensitive information? Maureen Shelley reports: A bunch of USB memory sticks, which hold private photos and data, left by passengers on Sydney trains were sold by Railcorp at a lost property auction. Computer security company Sophos,…
Telstra internal website made public, releasing account details of up to one million customers
Michelle Ainsworth reports: Account details of up to one million Telstra customers have possibly been breached after an internal website was made public. The website listed Telstra customers on bundle plans and included their names, plan types, contact they had had with Telstra customer service and in some instances their account passwords, the Herald Sun…
Hershey Medical Center employee fired after breach of Joe Paterno's records
Sarah Ganim reports: A Penn State Hershey Medical Center employee has been fired for allegedly accessing Joe Paterno’s billing and registration records without permission, according to a source with direct knowledge of the breach. It happened the day after the 84-year-old was fired from his longtime Penn State head football coaching job, but two days…