An update to HHS’s web site this morning includes some recent breaches we already knew about from other sources, but it but also includes a few breaches we didn’t know about or additional information on other breaches. In addition to the Wright State Physicians incident, reported in another post: Beauty Dental, Inc. in Illinois reported…
Baton Rouge man pleads guilty to ID theft
Another reminder of what can happen if you don’t know who’s printing out computerized data: A man alleged to have stolen $150,000 while using the credit information of at least 30 current or retired Baton Rouge police officers has pleaded guilty to aggravated identity theft. In a plea agreement with federal prosecutors, 48-year-old Alton K….
FIFA Ticketing Partner in Security Breach
From the not-very-sportsman-like dept. FIFA [Fédération Internationale de Football Association] is liaising with its official ticketing partner Match after a massive security breach compromised the details of 80,000 of its customers, including Sweden’s former Prime Minister and the head of Norway’s national bank. An investigation by the Norwegian newspaper Dagbladet reveals that confidential lists with…
Trashed laptop contained patient information
Be careful where you put your laptop. An Ohio group learned that lesson the hard way after a laptop left next to a waste can was thrown out by cleaning personnel who assumed it was meant for trash. The laptop contained information on 1,309 patients. In a notice on their web site, Wright State Physicians…
Making Sense of Security Breach Cost Numbers
Larry Walsh writes: What is the most expensive security breach ever? Before you answer, read the rest of this blog (trust me, you’re probably wrong). According to a recent report by the Ponemon Institute, the mean corporate loss to IT security breaches last year was $3.8 million. During the four-week study period, participating companies reported…
Data breach demonstrates need for access control policies
Remember the breach reported a few weeks ago when a Freedom of Information request uncovered that a Canada Revenue Agency employee had been mining the database to identity high-wealth individuals that she might recruit as customers for her side business? The individuals whose data were accessed were never notified of the incident because the government…