Credit report monitoring

Sensitive information posted on Lone Star’s website

February 21st, 2015

Lone Star suffered data breach when sensitive data was posted on its website by the third party company working for them. According to the reports, exposed information included names, addresses, phone numbers and some dates of birth.

Lone Star CEO Rhonda Mudhenk told Roser that no financial information was compromised, and that the company at fault no longer works on Lone Star’s website.

Lone hired security expert to determine the parameters of breach. It is observed that many unauthorized individuals accessed the information. The clinic is offering one year credit monitoring services to the affected patients.

Mudhenk told Roser that Lone Star was taking the breach seriously, that the organization wanted to assure patients that no financial information was impacted, and that only five individuals had their full or partial Social Security number exposed.

Previous Lone Star breaches includes below incidents:

  • Lone Star suffered a data breach in May 2013 after an employee’s laptop was stolen affecting Protected Health Information (PHI)
  • The online exposure of information happened to the District Medical Group (DMG) affecting an unknown number of patient’s protected health information (PHI)

Alertsec strengthens security

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.

A box of documents spilled off of a courier truck

February 13th, 2015

Kaiser Permanente suffered possible data breach when a box of documents spilled off of a courier truck. Incident took place during transit of box from Kaiser Permanente’s Kona Medical Office to storage. The company is notifying about 6,600 patients which includes – 4,000 patients who has their prescriptions electronically filled and the information may have been printed and included in the box of documents. The other 2,600 patients had their prescription paperwork in the box.

“Swift action by Kaiser Permanente employees allowed the retrieval of many of the documents, but unfortunately, not all were recovered,” the statement explained.

The documents were expired prescriptions. Affected information includes names, addresses, dates of birth, and medical record numbers. Moreover, the type and amount of specific medications were on the papers.

“You may get a letter and still not be affected,” Kaiser spokesperson Laura Lott told the news source. “But, we’re being very cautious because it’s the right thing to do.”

According to Kaiser Permanente statement:

Organization will offer credit monitoring to members whose Social Security numbers or driver’s license numbers was potentially exposed.

We are taking this matter very seriously and will inform each of the individuals whose information may have been involved in the incident,” Kaiser Permanente said. “As part of our outreach we are advising affected individuals to contact one of the national credit reporting agencies (Equifax, Experian, or TransUnion) to place a fraud alert on their file.

Alertsec strengthens security

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.

Dorn VA medical center may have suffered data breach

September 9th, 2014

The Dorn Veterans Administration Hospital may have suffered data breach after officials recently came to know that several boxes with patients’ information had gone missing. According to the reports, four boxes of pathology reports that were stored in a locked area are not present in the desired place.

“We are contacting our Veterans who may have been impacted,” Medical Center Director Timothy McMurry said in a statement. “For we take the loss of personal information very seriously.”

Details of the boxes are –

  • Records in question are only from the years 1999, 2000, and 2002
  • Patients’ names, Social Security numbers (SSNs) and pathology reports are included in the missing files
  • 2,000 patients may have had their personal information compromised

Dorn officials came to know about the missing boxes when they planned moving them in long term storage facility. Officials believe that till date no information is being misused however they mentioned that one year of free credit monitoring is available to veterans who are notified in writing. This is not the first time that Dorn found itself face-to-face with a security issues, earlier unprotected laptop was stolen. According to the reports, patient names, birth dates, weight, race, respiratory test results and partial Social Security numbers (last four digits) were all included on the pulmonary testing lab laptop. Till date, laptop is not recovered.

Connecticut based Access Health in the process of data breach notification

June 2nd, 2014

The Connecticut state health insurance exchange, Access Health CT suffered data breach after its vendor’s employee lost a backpack. According to the reports, bag contained notepad having information which includes 413 handwritten names, 151 Social Security numbers, and an undisclosed number of birthdates.

“While we are still working to understand exactly why this person took the information out of the building, based on what we have learned so far it does not appear there was malfeasance on the part of this person,” Jason Madrak, Access Health’s chief marketing officer, said in a statement Sunday.

Access Health has provided one year free credit monitoring and also understanding cause and prevention of such incidents. It is in the process of notifying the affected patients about the breach. Count for affected patient’s stands at 413 according to initial reports.

“The attorney general takes matters of privacy and data security seriously,” Jepsen spokesman Robert S. Blanchard said in a statement. “Consistent with our practice in past breaches by other custodians of personal information, we reached out on Friday to Access Health CT regarding the incident and its plans to protect those potentially affected. We expect those discussions to continue as we seek to ensure that Connecticut residents’ privacy and personal information is protected. In particular, the office is seeking to determine how this incident occurred, what security procedures and policies were in place before the incident, and what is being done to reduce the risk of future breaches occurring.”

Get your personal as well as office laptops encrypted by Alertsec

Unencrypted laptops present a major risk of data loss. 80% of information theft is due to lost or stolen laptops and other equipment. About 50% of network intrusions are performed with credentials gathered from lost or stolen devices. The penalties for a data breach are severe not only in terms of the monetary fines imposed on the organization, but also the potential loss of trust from customers and suppliers. Encryption software greatly enhances the security of your organization’s data as the information is not compromised if a laptop is lost or stolen.

Alertsec Xpress is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.

University of Delaware’s system hacked

July 29th, 2013

University of Delaware is a major research institution, and one of the oldest universities in the US. UD has become the victim of recent data breach incidents, as personal information of more than 72,000 past and present employees was compromised from the university’s system.

Email had been sent by the university to ensure that those affected are properly informed. To pin down the scale of the breach and to identify any other risk, investigators have been called in.

A system was set up for the employees to check if they were affected or not, all the affected employees were offered credit monitoring services to keep an eye out for potential identity theft.

The risk of identity theft is high as the data stolen included names, addresses, university IDD numbers and Social Security Numbers.

The FBI and forensic teams are probing further, but so far few specifics have emerged, beyond the rather vague statement in the official announcement that the breach was down to “a vulnerability in software acquired from a vendor” – basically saying the fault was with some piece of software not created internally, which doesn’t really narrow the field very much.

However, local news sources claim the flaw was in Struts2 software, which suggests the hack is related to Java.

“The University will not contact you and ask to confirm any of your personal information. If an unknown person contacts you and claims that he or she can help you if you would just confirm your personal information, do not surrender any information,” the university stated.

The university is working with FBI officials on the issue, and is trying to make sure something like this doesn’t happen again. Local news report suggested that the breach was first spotted more than a week ago, leading to sections of the university website being inaccessible for a time.

Get your personal as well as office laptops encrypted by Alertsec

With so much vulnerability on public networks unencrypted laptops present a major risk of data loss. 80% of information theft is due to lost or stolen laptops and other equipment. About 50% of network intrusions are performed with credentials gathered from lost or stolen devices. The penalties for a data breach are severe not only in terms of the monetary fines imposed on the organization, but also the potential loss of trust from customers and suppliers. Encryption software greatly enhances the security of your organization’s data as the information is not compromised if a laptop is lost or stolen. Alertsec Xpress is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.

Enhanced by Zemanta