May 222019

Times Now reports:

The special task force of the Uttar Pradesh police has arrested four persons for allegedly stealing the credit card data of 50,000 users. The victims include both police and army officers some of whom were duped. The accused have been identified as Sanjit alias Sandeep, Baldev, Tapeshwar and and Gajendra, all of whom are residents of Ghaziabad.

The arrests were made by Noida branch of the STF from Diamond Flyover in Ghaziabad on Monday. The accused bought the data from two employees of a private financial services company that handles data of various public sector and private banks.

Read more on TimesNow.

May 102019

WHAM reports:

A student in the Gates Chili Central School District is being charged as an adult after allegedly hacking into the account of the former superintendent.

Ajay Bhattacharyya, 17, was arraigned Friday evening on eight felony counts: Two counts of computer trespass, two counts of identity theft and four counts of falsifying business records.

It is alleged the defendant hacked into the account of former superintendent Kimberle Ward, retrieved her password and gained access to grade point documents, discipline records and other personal information.

Read more on WHAM.

May 102019

Sophia Beausoleil reports:

A Memorial Hermann employee has been suspended after he was charged with credit and debit card abuse.

He’s accused of stealing patients information to pay for rent, buy food and purchase rides to work.

According to Harris County court records, 26-year-old Elliott Phylow admitted to Harris County Precinct Four constables that he used credit card information from patients who went to Memorial Hermann Hospital for care.

Read more on Click2Houston.

While this may not seem like a major breach as HIPAA breaches go, this may have stung the board room there, as Memorial Hermann has made headlines in 2003, 2009, and 2014 for cases involving rogue employees, and those may not be the only cases involving employees.

Is there some magic number or ratio above which HHS/OCR will start to look seriously at why an entity has multiple insider-wrongdoing breaches?  If so, what is the magic number or ratio?

May 102019

Terrace Myles reports on some recent pranks, including this one:

Labelle Senior High School students managed to send an email addressed to all faculty, staff, and students about a “Mandatory Penis Inspection,” yes you read that correctly.

“It was something funny, but at the same time it was something scary,” said Kenneth Carrion, a parent who lives in Labelle. Carrion says he found the humor in it, but he says it’s something serious too.

Read more on Fox4.

May 072019

WRIC reports:

Imagine having your personal and medical information stolen not once, but twice. It happened to a VCU Health System patient. And it was an inside job.

“It’s extremely frustrating,” said that patient, who our sister station WRIC is not identifying. “You live in that fear, will my money be taken, will accounts be opened up in my name?”

The news of the security breach came in a letter. It stated her “clinical information, name, social security number, diagnosis and medications” had been inappropriately accessed by an employee.

Read more on Virginia First.