Tag Archives: Data Breach
Few Consequences For Health Privacy Law’s Repeat Offenders
by Charles Ornstein and Annie Waldman, ProPublica
ProPublica has reported on loopholes in [the Health Insurance Portability and Accountability Act] and the federal government’s lax enforcement of the law. … The data analyzed for this story show the problem goes beyond isolated incidents, carrying few consequences even for those who violate the law the most. … “Often, when we take a look into those breaches, what we find is that they were not accidents,” [said an OCR director]. “What contributed to the breach of thousands, if not tens of thousands of records, was systemic noncompliance . . . over a period oftentimes of years.” Read More ›
Paris Attacks Spark Another Fight Against Encryption
by Sean Sposito, San Francisco Chronicle
[Encryption “back-doors” for law enforcement] won’t necessarily weaken terrorist organizations’ ability to communicate with each other over the Internet. … But what it could do is make it easier for criminals and terrorists to access our financial, medical and other personal records, said Pam Dixon, the executive director of the World Privacy Forum in San Diego. They might find a way through the back-door as well. “Strong crypto means good security for all of us,” she said. “It means that banks and hospitals can secure financial and other transactions in our digital world.” Read More ›
Comcast Must Pay $33M To Settle Charges It Listed 75,000 Unlisted Phone Numbers
by Ashlee Kieler, Consumerist
The problem arose after Comcast implemented a new process for producing and disseminating listing information for its residential phone customers in late 2009. Under the system, Comcast sent non-published listings to a third-party company, while placing a “privacy flag” on the non-published listings. However, the flag was never attached to approximately 75,000 non-published/non-listed subscribers. As a result, that information – for which customers paid between $1.25 and $1.50 per month to keep unlisted – appeared in certain county phone books for the years of 2010 and 2011.
The issue came to light in 2012 … Read More ›
Who Else Has Accessed Your Medical Data?
by Lisa Zamosky, Los Angeles Times
So far in 2015 alone, there have been more than 32 health data breaches as a result of hacking, according to the U.S. Health and Human Services Office for Civil Rights. “Health records are more valuable to identity thieves than financial records, and they can actually be sold at a premium on the black market,” [says one expert]. … It’s a more complicated crime to resolve than financial theft, with fewer protections in place to help patients whose information is stolen. … Medical identity theft can also dangerously cause someone else’s health data to get intertwined with yours. Read More ›
UCLA Health System Data Breach Affects 4.5 Million Patients
by Chad Terhune, Los Angeles Times
This cyberattack at UCLA comes on the heels of a major breach of federal employee records and a massive hack at health insurance giant Anthem Inc. affecting 80 million Americans this year. The intrusion is raising fresh questions about the ability of hospitals, health insurers and other medical providers to safeguard the vast troves of electronic medical records and other sensitive data they are stockpiling. The revelation that UCLA hadn’t taken the basic step of encrypting this patient data drew swift criticism from security experts and patient advocates. Read More ›
70 Million Americans Report Stolen Data
by Donna Tapellini, Consumer Reports
While some of those incidents may have resulted from stolen credit cards or other crimes, many stemmed from data breaches. And, as a slew of widely reported breaches last year showed, not only online shoppers are at risk. According to Consumer Reports’s survey, 79% of those notified of a data breach were told by a brick-and-mortar store or a financial institution. Just eighteen percent said the problem originated with an online retailer. Read More ›
Federal Data-Breach Bill Would Replace Dozens Of Stronger State Laws
by David Lazarus, Los Angeles Times
Among other significant differences between the federal bill and the state’s notification law, according to the Consumer Federation of California: The federal law would eliminate a state requirement that the California attorney general be given notice of any security breach; it would allow the state attorney general to file a civil lawsuit but prevent individuals from suing over a data breach; it would no longer require breached companies to provide free ID theft protection services, such as credit monitoring and fraud alerts. Read More ›
AB 886 (Chau) Protects Uber Passenger Privacy
SACRAMENTO – Assembly Bill 886 (Chau, D-Monterey Park) will protect the sensitive personal information and credit card records of passengers using transportation network companies (TNCs) such as Uber. Read More ›
Report: Medical data breaches are rising, with no end in sight
by Victoria Colliver, San Francisco Chronicle
These health data attacks give hackers all the information they need to assume a patient’s identity, launch targeted “phishing” attacks, clean out bank accounts and commit crimes under the victim’s name, said Pam Dixon, executive director of the World Privacy Forum, an arm of a nonprofit public interest research group in San Diego County. “What we have found with working with victims of medical identity theft is that most don’t find out for about two years,” Dixon said. “The sophisticated criminals who are committing these crimes are waiting to act on the data so there is less risk of being caught.” Read More ›
Stolen Uber User Logins Are For Sale On The Dark Web: Only $1 Each
by Robert Hackett, Fortune magazine
The information is being advertised for sale on the black market AlphaBay, a website that can only be accessed through the Tor browser, an anonymity-preserving network used by political dissidents, privacy-minded Internet users and criminals. One person using the alias “Courvoisier” claims to have “thousands” of “hacked accounts” for sale, each for as little as $1. Read More ›
Government DNA Collection Under Microscope In California
by Jeremy B. White, The Sacramento Bee
Assemblymember Mike Gatto has a pair of bills that would allow parents to have their babies’ samples destroyed, and dictate when police officers can glean DNA. With the support of district attorneys, Assemblyman Jim Cooper has a bill allowing DNA collection from people convicted of certain misdemeanors. Read More ›
Anthem Hack: Could The Insurer Have Prevented It?
by Matt O'Brien, San Jose Mercury News
[Critics] say encrypting personal data could have helped. “They claim it’s the expense. Really, there’s no excuse,” said Beth Givens, founder and director of San Diego-based Privacy Rights Clearinghouse. “They don’t want to take the time and effort to decode it.” … Anthem’s breach affected up to 80 million people, far more than the 37.5 million actually covered by the insurer as of December, according to the company’s most recent earnings report. Those hacked included not just Anthem employees but also many former Anthem subscribers, many of whom long ago dropped the insurer. Read More ›
Anthem Hacked; Health Insurance Data On Up To 80 Million Exposed
by Chad Terhune and Ryan Parker, Los Angeles Times
“If confirmed, we are dealing with one of the biggest data breaches in history and probably the biggest data breach in the healthcare industry,” said Jaime Blasco, vice president and chief scientist at AlienVault, a San Mateo, Calif., information security firm. “For individuals, in a few words, it is a nightmare,” he said. “If the attackers had access to names, birthdays, addresses and Social Security numbers, it means that information can be easily used to carry out identity theft schemes.” Read More ›