Siouxland Pain Clinic sent letters Friday to more than 13,000 patients that their medical and other personal information may have been exposed in a hacking attack, a lawyer for the clinic said Monday.
“We never did prove that any information was taken, but we could not disprove that, either,” said Lonnie Braun, an attorney in Rapid City, S.D.
Braun said patients’ names, medical information, Social Security numbers and addresses may have been compromised when the clinic’s server was hacked between March 26 and April 2.
The clinic was notified of the breach June 26. Braun said the firm that discovered it said the investigation showed the hackers were Chinese.
I personally had VA VocRehab mistakenly mail an entire copy of my file to my old address from two years earlier – a large apartment complex in a major American city. There is no telling where the files ended up.
Veterans Affairs indignantly declined to proactively retrieve the documents and told me to call the cops if I was worried about it. I repeat, the agency made me do the leg work to try to recover my files that were mistakenly delivered to the wrong address.
I did call the cops. They were confused why VA would not take charge of the recovery of my files and said their was little they could do unless a crime was committed.
VA offered me one year of identity protection. That was it. Meanwhile, over 1,000 pages of files containing everything about me were misplaced and now floating around somewhere in the United States.
Did anyone get reprimanded for the cockup? No. Did I get the records back? No.
What a crock. How is it that we live in a country where the Federal government is not held accountable?
The Senate Appropriations Committee has approved funding to provide the 22 million individuals affected by the OPM data breaches with 10 years of credit monitoring services and $5 million in liability protection for damages, extending the OPM’s offer of three years of services for those affected by the background check breach and 18 months for those affected by the breach of personnel records.
OPM also requested an appropriation of $37 million to beef up its security, but the request was rejected by the Committee.
The voice vote approval must move through both the House and the Senate before the protections can become available to affected individuals.
Special ReportDuncan Campbell has spent decades unmasking Britain’s super-secretive GCHQ, its spying programmes, and its cosy relationship with America’s NSA. Today, he retells his life’s work exposing the government’s over-reaching surveillance, and reveals documents from the leaked Snowden files confirming the history of the fearsome ECHELON intercept project. This story is also published simultaneously today by The Intercept, and later today we’ll have video of Duncan describing ECHELON and related surveillance matters.
A major information-sharing bill that’s in the Senate right now would allow private organizations to share threat data with any government agency, something that the Department of Homeland Security says could have severe privacy implications and cause confusion and inefficiencies inside the federal government.
The bill, known as the Cybersecurity Information Sharing Act, would allow private companies and other organizations to share vulnerability information and threat indicators with government agencies under most circumstances.
As new privacy laws governing the use of commercial drones begin to take effect, independent insurance agents are finding difficulty adequately sourcing the risk of privacy-related litigation against drone users.
According to Jason Riley, vice president of aviation wholesale broker Halton Hall, many insurers are willing to offer aircraft liability policies or aviation CGLs for drones. Components coverage, though expensive, is also available for cameras, gimbles and other accessories.
What’s harder to find is coverage for potential privacy violations.
Shutterfly is asking a federal judge in Illinois to dismiss a lawsuit accusing the company of violating a state privacy law by compiling a database of “faceprints.”
“Helping a user re-identify his own friends within his own digital photo album does not violate any law,” Shutterfly writes in a dismissal motion filed on Friday with U.S. District Court Judge Charles Norgle in Illinois.
Shutterfly’s papers come in response to a lawsuit filed in June by Illinois resident Brian Norberg.
Could this be the incident that finally gets everyone in the IoT industry to — as I’ve said repeatedly in the past — make privacy and security Job 1 — and to drop the lobbying groups’ argument that government regulation isn’t needed?
I hope so, because the IoT’s future is at stake, and, frankly, not enough companies get it.