Thursday, April 30, 2015

Nurse Stole 900 Patient IDs

A nurse allegedly stole the identities of 900 patients of a Los Angeles mental health facility.

The stolen patient data included names, medical and insurance information, birth dates, Social Security numbers, diagnoses and other personal information. Although the breaches occurred from 20 2011 - 2015 they were discovered by law enforcement on April 3, 2015.

"Patients treated at the facility between 2011 and 2015 were affected by the breach."
- spokesman for the LA County Department of Health Services
Unfortunately it is not unusual for law enforcement, rather than the organization holding patients' private data, to discover ID thefts. Organizations seeking to proactively detect identity thefts and privacy data breaches can utilize low-cost on-demand SaaS analytics services.
Learn how to proactively detect identity theft and unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.
Sources:
(a) Theft of private data on 900 L.A. County-USC patients investigated - www.LAtimes.com,
04/29/2015

Wednesday, April 29, 2015

Tiger Impersonator Ex Stole Patient Records to Fake Pregnancy

A New York nurse has been charged with stealing medical records in a desperate bid to keep her former boyfriend, a Tiger Woods impersonator, in a relationship.

She told him she was pregnant and showed him images of a positive pregnancy test, ultrasound and hospital lab work to prove it to him. However, the items she showed him came from patient records at the hospital where she was employed.

"[she] allegedly stole medical records of patients in a desperate bid to keep [her ex-boyfriend] in her clutches."
- NY Prosecutor, Laura Millendorf
Unfortunately this seems to be another breach of patient privacy that was discovered by law enforcement, not the organization holding the personal health information (PHI). Healthcare organizations seeking to proactively detect data privacy breaches and identity thefts can utilize low-cost on-demand SaaS analytics services.
Learn how to proactively detect identity theft and unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.
Sources:
(a) Tiger impersonator’s ex ‘stole medical records to fake pregnancy’ - www.NYpost.com, 04/21/2015

Tuesday, April 28, 2015

Prison Guard Stole Inmate IDs for Tax Fraud

A Florida prison guard has been sentenced to three years behind bars for stealing inmates' IDs and using them to file fraudulent tax returns.

The identity thefts took place from 2008 - 2011. At the prison he had access to inmates personal identifying information (PII). He stole at least 50 inmate IDs and, working with a co-conspirator, obtained $350,000 in tax refunds.

"At the prison, [he] had access to prisoner records, including Social Security numbers."
- Local 10 News
It is unclear who discovered the ID thefts and why they occurred for three years. Organizations seeking to proactively detect identity thefts and data privacy breaches can utilize low-cost on-demand SaaS analytics services.
Learn how to proactively detect identity theft and unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.
Sources:
(a) Former Miami-Dade prison guard sentenced for stealing inmates' identities - www.Local0.com, 04/24/2015

Monday, April 27, 2015

Hospital Employee Stole Patient IDs for Unemployment Fraud

A judge sentenced a Texas healthcare worker to more than 10 years in federal prison for stealing patient identities and using the information to claim unemployment benefits. This fraud has cost taxpayers more than $1.2 million in stolen benefits.

The woman, a transplant assistant, had access to information of patients and transplant donors and stole names, Social Security numbers and dates of birth.

"she had access to information of patients and [transplant] donors and stole names, Social Security numbers and dates of birth." - Court documents
The fraud was discovered when a victim tried to file for unemployment benefits. Rather than have identity theft discovered by a third party, organizations can proactively detect it with low-cost on-demand SaaS analytics services.
Learn how to proactively detect identity theft and unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.
Sources:
(a) TX: Former Methodist Healthcare employee sentenced to more than 10 years; stole patient info for unemployment benefits - www.DataBreaches.net, 04/24/2015

Friday, April 24, 2015

Employee Used Mobile Phone to Steal Patient IDs

A former employee of a health insurance provider was found to have screenshots of patients' personally identifiable information (PII) on her mobile phone.

The identity thefts took place during the period from 2007-2013 but the insurance company did not know about the data thefts until December 2014 when they were notified by the IRS.

"the former employee’s personal cell phone was confiscated and pictures of screen shots from [the insurance company's] computer screens were found on it."
- insurance company letter to attorney general's office
Unfortunately, third parties, rather than the organization holding the PII, are often the first to discover identity thefts. However, this is not the case for organizations that utilize low-cost on-demand SaaS analytics to proactively detect identity thefts and data privacy breaches, even when a mobile phone is used to capture screenshots.
Learn how to proactively detect identity theft and unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.
Sources:
(a) Aetna Notification to Maryland State Attorney General's Office - www.OAG.state.MD.us, 03/29/2015

Thursday, April 23, 2015

Employee Stole IDs from Unemployment Database

An employee of a state unemployment office stole clients' Social Security numbers and other personally identifiable information. (PII).

The employee, who no longer works for the unemployment office, obtained the PII by inappropriately accessing the state's Department of Labor Unemployment Insurance database.

"employee improperly accessed and acquired their information from an unemployment insurance database."
- Vermont Department of Labor
It is unclear how the identity thefts were discovered. Organizations seeking to proactively detect ID thefts and data privacy breaches can utilize low-cost on-demand SaaS analytics services.
Learn how to proactively detect identity theft and unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.
Sources:
(a) Unauthorized Acquisition of Unemployment Insurance Database Information - www.Vermont.gov, 03/27/2015

Wednesday, April 22, 2015

Healthcare Worker Stole Patient IDs for Tax Fraud Ring

Two members of a tax refund fraud ring (SIRF) have pleaded guilty to charges brought against them by the US Attorney's Office, Southern District of Florida.

A healthcare worker at an assisted living facility stole patient IDs and gave it to others in the ring who used to file the fraudulent tax returns.

"they conspired to file fraudulent tax returns using the stolen identities of assisted-living facility residents ."
- US Attorney's Office, Southern District Florida
It is unclear how the identity thefts were discovered. Healthcare organizations seeking to proactively detect identity theft and privacy data breaches can utilize low-cost on-demand SaaS analytics.
Learn how to proactively detect identity theft and unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.
Sources:
(a) Two Plead Guilty in Tax Refund Fraud and Identity Theft Scheme - www.DOJ.gov, 04/16/2015

Tuesday, April 21, 2015

Privacy Commissioner Seeks Prosecution for Rob Ford Breach

Two hospital employees, who inappropriately accessed former Ontario Mayor Rob Ford's medical records, have been referred by the Office of the Information and Privacy Commissioner to the Attorney General for prosecution.

If the duo is convicted, this would mark the first successful prosecution under the province’s health privacy law, which came into force more than a decade ago. They could each face fines of up to $50,000.

"The two health professionals who allegedly snooped into former mayor Rob Ford’s medical records [should] face prosecution."
- Brian Beamish, Ontario Privacy Commissioner
The commissioner’s request for action sends a clear message to all health care professionals that it is not acceptable to “rifle through someone’s medical file just because you’re curious,” according to former Privacy Commissioner Ann Cavoukian. Ford’s health records have been breached on four separate occasions in at least three Toronto hospitals since his cancer diagnosis last September.
Learn how to proactively detect identity theft and unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.
Sources:
(a) Ca: Privacy commissioner calls for prosecution over Rob Ford privacy breach - www.DataBreaches.net, 03/25/2015

Friday, April 17, 2015

$19M Settlement in Target Privacy Breach Lawsuit

Target has settled lawsuits with banks and credit unions issuing MasterCards that were affected by a 2013 data breach that compromised 40 million debit and credit cards.

Target is setting aside $19 million for the financial services institutions for operating costs and fraud-related losses on cards impacted by the data privacy breach.

"[the breach] rattled shoppers who stayed away from the retailer as they were nervous about the security of their private data."
- ABC News
The breach which occurred during the holiday season rattled customers about the security of their private data. Target and has overhauled its security and technology operations as a result of the massive breach.
Learn how to proactively detect identity theft and unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.
Sources:
(a) Target Settles Data Breach Lawsuit With MasterCard for $19M - www.ABCnews.com, 04/16/2015

Thursday, April 16, 2015

Curious Hospital Employee Breached Patients' Privacy

A healthcare worker in Canada accessed 39 confidential patient information out of curiosity about friends and neighbors.

She had nothing to do with the care of these patients and therefore was not authorized to look at their records. Her employment with the hospital has been terminated.

"an employee who had nothing to do with the care of 39 patients accessed their health records out of curiosity about friends or neighbours."
- Health Authority
The breach was discovered after third party allegations about the inappropriate access. Rather than learn of data privacy breaches from third parties, healthcare organizations can detect them proactively with low-cost on-demand SaaS analytics services.
Learn how to proactively detect identity theft and unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.
Sources:
(a) Curious employee breached privacy of 39 patients, Island Health authority admits - www.TheProvidence.com, 04/15/2015

Wednesday, April 15, 2015

Magazine Subscription Employee Stole Customer IDs for Fraud

A supervisor at a magazine subscription company has pleaded guilty to stealing customers' personal identifying information (PII) which was used for credit card fraud and tax refund fraud.

The woman admitted to providing customers' PII, such as credit card numbers, Social Security numbers, names and addresses, to a person she knew was engaged in fraudulent activities.

"an identity theft fraud scheme involving the personally identifiable information of magazine subscription customers."
- US Attorney's Office, Southern District of Florida
As is too often the case, law enforcement discovered the ID thefts, not the organization holding the PII. Organizations seeking to proactively detect identity thefts and data privacy breaches can utilize low-cost on-demand SaaS analytics services.
Learn how to proactively detect identity theft and unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.
Sources:
(a) FL: Broward Resident Pleads Guilty to Stealing Personally Identifiable Information of Magazine Subscription Customers - www.DataBreaches.net, 04/03/2015

Tuesday, April 14, 2015

Doctor Stole Patient Data to Start New Practice

A Mississippi optometrist stole patients' personal information (PII) so that he could notify them of his new practice.

This privacy breach occurred when the doctor copied patients’ information onto a thumb drive, but it just as easily could have been photos of data on a screen taken with a smartphone, which increasingly is being used for data theft.

"[The clinic] notified its patients that there was unauthorized access to [their] medical records." - WDAM Channel 7 news
The data theft was discovered by a victim, rather than the organization holding the PII, as is all too often the case. Organizations seeking to proactively detect data privacy breaches and identity theft can utilize low-cost on-demand SaaS analytics services
Learn how to proactively detect identity theft and unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.
Sources:
(a) Hattiesburg Clinic issues statement regarding HIPAA breach - www.WDAM.com, 04/02/2015

Monday, April 13, 2015

Union Employee Misused State's Driver License Database

An employee of a union office in New York has pleaded guilty to exceeding authorized access to the state's Department of Motor Vehicles Drivers License Database.

As a union employee he was allowed limited access the database to confirm union members had a current commercial driver's license. However he violated this limit by accessing the database to determine who owned a vehicle seen near a picket line.

"Such an inquiry was outside the scope of the agreement between [the union] and the NYS DMV." -
Assistant U.S. Attorney, Anthony M. Bruce
It is unclear how this data privacy breach, which occurred in 2005, was discovered. Organizations seeking to proactively detect such breaches can utilize low-cost on-demand SaaS analytics services.
Learn how to proactively detect identity theft and unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.
Sources:
(a) Former Local 17 Business Agent Pleads Guilty to Misusing DMV Database - www.FBI.gov, 04/09/2015

Friday, April 10, 2015

ID Theft Ring Recruited Corrupt Bank Tellers

Two Bronx men have been sentenced to prison for leading an identity theft ring that stole $850,000. They obtained customers' personal identifying information (PII) from bank tellers they recruited.

The ID theft ring operated from July 2010 through June 2014. During that time the corrupt bank tellers gave their confederates customers' account information and Social Security numbers which enabled the ring leaders to withdraw money from victims' accounts.

"between July 2010 and June 2014...corrupt bank tellers passed along personal information from bank customers."
- Attorney General Eric T. Schneiderman
It is unclear how the identity thefts were discovered and why the thefts occurred for four years. Financial institutions seeking to proactively detect identity thefts by insiders can utilize low-cost on-demand SaaS analytics services.
Learn how to proactively detect identity theft and unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.
Sources:
(a) Bronx men sentenced for stealing Westchester IDs, $850K - www.LoHud.com, 04/02/2015

Thursday, April 9, 2015

$25M FCC Fine for Insider Telco ID Thefts

The Federal Communications Commission (FCC) has fined a US telco $25 million for allowing its employees to access personally identifiable information (PII) from 278,000 customer accounts without authorization. This represents the largest privacy and data security enforcement by the FCC to date.

During 2013 and 2014 the telco's call center employees stole PII and trafficked it to unauthorized third parties to unlock mobile phones.

"The commission will exercise its full authority against companies that fail to safeguard the personal information of their customers."
- FCC Chairman Tom Wheeler
It is unclear how the ID thefts were discovered or why they occurred for such a long time period. Organizations seeking to proactively detect identity thefts and data privacy breaches can utilize low-cost on-demand SaaS analytics services.
Learn how to proactively detect identity theft and unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.
Sources:
(a) Insider Breach Costs AT&T $25 Million - www.BankInfoSecurity.com, 04/08/2015

Wednesday, April 8, 2015

Lab Tech Arrested for Stealing Patient IDs

A children's hospital laboratory technician has been arrested on suspicion of stealing patients' personal identifying information (PII).

The hospital says the laboratory technician, who was terminated after her arrest, had access to patient names, medical information, Social Security numbers, and insurance information.

"[She] had access to patient files containing personal information."
- Hospital spokesperson
As is often the case it seems the ID thefts were discovered by law enforcement, not the organization holding the PII. Healthcare organizations seeking to proactively detect identity theft and data privacy breaches can utilize low-cost on-demand SaaS analytics services.
Learn how to proactively detect identity theft and unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.
Sources:
(a) Ex-lab tech at Children’s Heart Center arrested in ID theft case - www.ReviewJournal.com, 04/03/2015

Tuesday, April 7, 2015

Healthcare Job Numbers Increased in March

Overall, healthcare added 22,300 jobs last month, driven in large part by ambulatory care, according to seasonally adjusted numbers from the U.S. Bureau of Labor Statistics.

A majority of job gains, 19,200 in March, continued to come from ambulatory providers. The Affordable Care Act has prompted more healthcare providers to invest in the outpatient setting which have led to higher demand for nurses and physician extenders.

"Healthcare overall added 22,300 jobs last month."
- US Bureau of Labor Statistics
Hospitals also continued to produce steady employment last month, adding 7,900 jobs, a 0.2% increase from February. More than 77,000 hospital jobs were created between March 2014 and March 2015.
Learn how to proactively detect identity theft and unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.
Sources:
(a) Nursing-home jobs drop again, but healthcare jobs still multiply - www.ModernHealthcare.com, 04/03/2015

Monday, April 6, 2015

Rouge Fireman Stole Ambulance Patient IDs

A Pennsylvania fire department has warned that a rogue employee stole the personal information (PII) of patients who used ambulance services during an eight month period in 2012. But the breach only came to light in February 2015.

The fireman sold the stolen PII to a theft ring. About 750 patients may have had a breach of their information — including Social Security numbers, birth dates, and the names of primary health insurance carriers.

"The fire department says a rogue employee sold patient information to a theft ring in 2012."
- CBS News, Philadelphia
It is unclear why it took three years to learn about the these ID thefts. Organizations seeking to proactively detect identity thefts and data privacy breaches can utilize low-cost on-demand SaaS analytics services.
Learn how to proactively detect identity theft and unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.
Sources:
(a) Phila. Fire Department Warns of Data Breach Affecting EMS Transport Patients - www.Philadelphia.CBSlocalNews.com, 04/03/2015

Friday, April 3, 2015

Policeman Violated Data Protection Act

A UK policeman was charged violating the Data Protection Act after he accessed restricted database records about his sisters out of curiosity.

Sentencing the officer, Sheriff Tierney said: “Despite a warning to the contrary from the computer you were accessing the information, allowing your curiosity to get the better of you, and as a consequence now face disciplinary procedures.

"Despite a warning to the contrary from the computer you were accessing the information, allowing your curiosity to get the better of you." - Sheriff Tierney
It is unclear how the data privacy breach was discovered. Organizations seeking to proactively detect identity theft and data breaches can utilize low-cost on-demand SaaS analytics services.
Learn how to proactively detect identity theft and unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.
Sources:
(a) UK: Policeman handed absolute discharge for breaching data protection act - www.DataBreaches.net, 04/01/2015

Thursday, April 2, 2015

Military Patient ID Thefts Involved in $20M Tax Fraud Ring

Nine residents of Alabama and Georgia have pleaded guilty for their roles in a $20 million identity theft tax fraud (SIRF) ring.

In order to file false returns, the defendants obtained stolen identities from a Georgia military hospital. One of the ring members was a hospital employee who had access to the personal identifying information (PII) of military personnel, including soldiers who were deployed to Afghanistan.

"These defendants stole identities from military men and women who have volunteered to protect our country."
- U.S. Attorney George L. Beck Jr., Middle District of Alabama
This identity theft ring, which operated from January 2011 through December 2013, stole over 7,000 identities and used them to file fradulent returnsthe defendants ran a large-scale identity theft ring in which they filed more than 7,000 false tax returns. It seems the identity thefts were discovered by the IRS, not the military hospital. Organizations seeking to proactively detect identity thefts and data privacy breaches can utilize low-cost on-demand SaaS analytics services.
Learn how to proactively detect identity theft and unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.
Sources:
(a) Nine Defendants Plead Guilty in $20 Million Stolen Identity Refund Fraud Ring - www.DataBreaches.net, 04/01/2015

Popular Posts

Copyright © 2010-2017 by Veriphyr Incorporated, All Rights Reserved.

Contact us at Veriphyr.com.