An NHS board breached data protection rules when a member of staff lost sensitive patient records, an investigation has found. The medical records of patients at a secure hospital near Falkirk were uploaded onto a personal memory stick, which was then lost. It was found by a 12-year-old boy in a supermarket car park in…
Five indicted in Johns Hopkins Hospital ID theft ring
A federal grand jury has indicted the following five Maryland defendants on fraud and aggravated identity theft charges in connection with a scheme to use stolen hospital patient identity information to open fraudulent credit accounts and make purchases on “instant credit” at retail stores in Maryland: Michael Allen, age 34, of Baltimore, Jasmine Amber Smith,…
Pirate Bay User Database Exploited By Spammers
Ernesto writes that a recent hack of The Pirate Bay may be linked to some recent spam users have been receiving: Two months ago a group of Argentinian hackers successfully gained access to The Pirate Bay’s admin panel through a security breach. At the time, the hackers stated that they didn’t want to exploit the vulnerability,…
37 Charged in Global Bank Fraud Schemes that Used “Zeus Trojan” and Other Malware to Steal Millions of Dollars from U.S. Bank Accounts
Charges have been filed in New York against 37 defendants, in 21 separate cases, for their roles in global bank fraud schemes that allegedly used hundreds of false-name bank accounts to steal over $3 million from dozens of U.S. accounts that were compromised by malware attacks. According to Complaints unsealed today in Manhattan federal court,…
Article: Data Protection and Data Security Issues Related to Cloud Computing in the EU
Lawyer Paolo Balboni of the European Privacy Association, Italian Institute for Privacy, and Tilburg University has an article that has been made available on SSRN. Here’s the abstract: We are in the midst of a revolution within computing. It goes under the name of cloud computing. Analysts estimate that in 2012, the size of the…
Update on my FOI request to HHS/OCR for breach reports
I received a phone call from OCR this morning to discuss my FOI request for the breach reports HHS is receiving under HITECH regulations. I had requested electronic copies of the reporting forms breached entities submitted via HHS’s web site. The conversation was a bit of an eye-opener for me. First, it turns out…