Mar 272017

Michael Boren reports:

A former Philadelphia doctor hacked into the cell phone, email, and social media accounts of several former classmates at Burlington County’s Delran High School, from which he graduated in 2005, and then made copies of their photos, authorities said.

Peter Grossman, 29, who lives in Center City, was charged with identity theft and invasion of privacy. He was previously a physician at Thomas Jefferson University Hospital in Philadelphia. Officials there confirmed he was a former employee but would not offer further details Monday.

Read more on Philly.com

Mar 272017

Whoa. While investigating an employee W-2 breach that DataBreaches.net first alerted them to in February, Daytona State College discovered that they had had another breach – one involving student financial aid applications. The breach affected the personal and financial information of an unspecified number of students and their parents.

Read more on WFTV.

Mar 272017

March 17 –

On January 17, 2017, Estill County Chiropractic (“ECC”) discovered that an unauthorized user installed malicious software on its computer system that encrypted patient files. ECC immediately shut down the system. Although ECC was already taking security precautions, ECC replaced the system and included additional security measures.

ECC worked diligently to restore files that contained patients’ health information, and also hired a computer consultant to help determine how this event happened. ECC believes there were initial instances of unauthorized access to its system beginning January 6, 2017, ending with the encryption of files on January 17, 2017.

While ECC’s computer consultant’s investigation did not indicate that patient information was actually taken or viewed, ECC also cannot entirely rule this out. The types of information that may have been viewed during this time frame include patient names, email addresses, phone numbers, addresses, dates of birth, Social Security numbers, clinical information, provider notes, diagnosis information, claims, and health plan numbers.

ECC has arranged with Equifax Personal Solutions to offer patients who may be impacted credit monitoring at no cost to the patient for a period of one year. Those patients will receive a letter with information on how to enroll in the credit monitoring offer.

Read more of their notification on their web site.

Mar 272017

Ng Kang-chung reports:

In what could be one of Hong Kong’s most significant data breaches ever, the personal information of the city’s 3.7 million voters was possibly compromised after the Registration and Electoral Office reported two laptop computers went missing at its backup venue for the chief executive election.

The devices also stored the names of the 1,200 electors on the Election Committee who selected Carrie Lam Cheng Yuet-ngor as Hong Kong’s new chief executive on Sunday.

Read more on South China Morning Post.

Mar 262017

Julia Medew reports:

A hospital is being investigated for breaching the privacy of dozens of patients after medical records revealing a “swollen penis” and mental illnesses among other things, were found in a Coburg street.

The Australian Information and Privacy Commissioner Timothy Pilgrim is investigating how the records of 31 patients were removed from the John Fawkner Private Hospital in Melbourne’s north last month.

Read more on The Age.