Craig Hoffman discusses a ruling in a lawsuit against RockYou over a security breach that is noteworthy for the plaintiff’s somewhat novel approach to demonstrating injury due to the breach: A December 2009 SQL injection attack against social network application maker RockYou.com’s database resulted in the breach of 32 million log-in credentials ( e-mail address…
PA: Million dollar ID theft operation busted
David Henry reports: The Justice Department says it has busted an identity theft operation that cost a lot of people a lot of money. Investigators say 44-year-old Anthony Williams was the ring leader. A federal indictment charges him and 15 others with a massive identity theft operation that victimized hundreds of people over three years,…
UK: School in Oldham breaches Data Protection Act
Freehold Community School in Oldham has been found in breach of the Data Protection Act after the theft of an unencrypted laptop from a teacher’s car, the Information Commissioner’s Office (ICO) said today. The laptop contained personal information relating to 90 pupils at the school. The school reported the breach to the ICO in January…
No reasonable expectation of privacy in an emergency room
From the I-didn’t-know-that dept.: Patient privacy may not extend to the patient’s clothes or belongings. Via FourthAmendment.com: An officer who came to the trauma section of Grady Hospital in Atlanta could seize defendant’s clothing in plain view. Defendant had no reasonable expectation of privacy in the ER. United States v. Howard, 2011 U.S. Dist. LEXIS…
Texas Health Arlington Memorial Hospital breach notice
I finally tracked down an explanation for a breach entry in HHS’s breach tool that read: Texas Health Arlington Memorial Hospital,TX,, 654, 12/23/2010,Unknown ,Electronic Medical Record,, I had reported it on this blog last week, but here’s the undated notice that explains it: Texas Health Arlington Memorial Hospital is notifying our patients about a breach…
Texas fires two tech chiefs over breach
Jaikumar Vijayan reports: The Texas State Comptroller’s office has fired its heads of information security and of innovation and technology following an inadvertent data leak that exposed Social Security numbers and other personal information on over 3.2 million people in the state. Two other employees have also been fired over the incident, a statement posted…