Post-Breach Firings Lead Roundup

Employees Viewed Health Info; Cyberattack Hits Health Exchange
Post-Breach Firings Lead Roundup

In this week's breach roundup, five employees of the British Columbia Ministry of Health's pharmaceutical services division have been fired after inappropriately accessing medical information. Also, hackers recently posted garbled words and blurred headlines on the informational pages of the Utah Health Exchange's website.

See Also: OnDemand | Realities of Choosing a Response Provider

5 Fired After Health Info Breach

Five employees of the British Columbia Ministry of Health's pharmaceutical services division have been fired after they inappropriately accessed medical information, according to CBC News.

The employees, who were at first suspended, worked in the area of research and evidence development, awarding drug research contracts for the ministry in Canada, according to The Vancouver Sun.

The ministry workers and two research contractors inappropriately accessed health data, according to the ministry. The agreements with two research contractors have been terminated until an investigation into the incident has been completed, the report explains.

'Graffiti' Hack Affects Health Exchange

Hackers recently posted garbled words and blurred headlines on the informational pages on the Utah Health Exchange, a virtual marketplace where small business employers and employees can shop for health insurance and obtain price quotes, according to The Salt Lake City Tribune.

""It was a pure act of graffiti," Mike Sullivan, spokesman for the Governor's Office of Economic Development where the exchange is housed, told the newspaper. "You couldn't access some of the pages."

For 10 days the insurance exchange's website was "inoperable," Sullivan says, although no personal information apparently was compromised. All transactions involving sharing personal information are conducted on a separate site.

The attack comes in the wake of a breach of a server at the Utah Department of Technology Services that affected 780,000 individuals (see: Utah Breach: Governor Takes Action).

Phishing Scheme Affects 2,500

Approximately 2,500 clients are being notified by the Cabinet for Health and Family Services in Kentucky about a breach caused by an employee responding to a phishing e-mail in July.

An employee with the Cabinet's Department for Community Based Services responded to a phishing e-mail, and unauthorized activity on the account was identified shortly thereafter, according to a press release. The account was then disabled.

The hacker had access to the account for a brief period of time; the cabinet says there's no evidence that the confidential contents were accessed or viewed. Those being notified include individuals in the National Youth Transition Database, which consists of individuals transitioning out of the foster care system, the release says. Some of the affected individuals are still minors, according to Gwenda Bond, a cabinet spokesperson.

Information in the database includes names and addresses. "Neither Social Security numbers nor health information/diagnoses are included in the database," Bond says.

Stolen Laptop Affects Children

The Edinburgh City Council in Scotland, which operates a foster care system, is notifying an undisclosed number of individuals after a laptop computer containing sensitive details on children was stolen from a member of the fostering and adoption panel, according to the Edinburgh Evening News.

Information on the laptop may include details on children who were removed from their parents by social services, the news report says. Other compromised information includes files and minutes from dozens of reviews. Police are conducting an investigation.


About the Author

Jeffrey Roman

Jeffrey Roman

News Writer, ISMG

Roman is the former News Writer for Information Security Media Group. Having worked for multiple publications at The College of New Jersey, including the College's newspaper "The Signal" and alumni magazine, Roman has experience in journalism, copy editing and communications.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.asia, you agree to our use of cookies.