Jocelyn Wright provides additional details on the previously mentioned breach involving a device stolen from Rice University. As the headline indicates in their student newspaper suggests, it appears that the device was stolen off-campus, although the university is not providing additional detail on that. The article also indicates that the data on the…
CA: 33,000 patient records sold for the value of the paper
I saw this press release on the breach I mentioned yesterday on PHIprivacy.net where a janitor allegedly sold 14 boxes of patient records to a recycler for the value of the paper although I cannot find a copy of this press release on either the DHS web site or the LASD web site: The Los…
Anthem Blue Cross is sued over data security breach
Duke Helfand reports: An applicant for Anthem Blue Cross insurance has sued the giant insurer over allegations that it failed to protect his confidential information from computer hackers who gained access to the company’s internal records earlier this year. The lawsuit, filed by Patrick Magorien of Sacramento, stems from a security breach involving attorneys who…
Follow-up: Kinetic Concepts’ notification to employees
Earlier this month I linked to a media report about a breach at Kinetic Concepts involving an email attachment containing personal info on employees. A copy of their notification to affected employees is now available on the website of the New Hampshire Attorney General.
Saint Anselm College alumni mailing exposed SSN
Back in May, Saint Anselm College notified the New Hampshire Attorney General’s Office that a spring 2010 mailing of its alumni newsletter had inadvertently exposed SSN of 122 New Hampshire residents on the mailing labels. This month, Saint Anselm notified the office that it seemed that the exposure problem had occurred as early as its…
When your database of all staff is on a flash drive that goes missing…
On boy…. On September 9, Cooper University Hospital in New Jersey notified the New Hampshire Attorney General’s Office that a flash drive with a database of employees’ personal information was discovered missing on July 8, less than 24 hours after the database had been copied to the drive. The drive went missing from the Graduate…