Tuesday, June 30, 2015

For 2 Years Hospital Unaware Employee Stole 12,517 Patient IDs

A New York hospital was unaware that an employee had stolen 12,517 patient identities until law enforcement notified them.

On May 15, 2015, the hospital learned the employee had stolen patient names, addresses, dates of birth, Social Security numbers, next of kin information, and health insurance details. The theft occurred between January 2013 and June 2013.

"Hospital told by police that employee stole patient data 2 years ago."
- KCEN TV
Unfortunately it is often the case that law enforcement discovers identity theft before the organization holding a peoples' personal identifying information (PII). Organizations seeking to proactively detect identity theft and privacy data breaches, rather than learn about them from law enforcement, can utilize low-cost on-demand SaaS analytics services.
Learn how to proactively detect identity theft and unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.
Sources:
(a) Montefiore Notifies Patients of Security Incident and Potential Identity Theft - www.KCENtv.com, 06/19/2015

Monday, June 29, 2015

Insider Charged with Selling IDs from Police Database

A former New Jersey policeman has been charged with selling personal information (PII) he and a police captain illegally obtained from a database used by law enforcement agencies.

Allegedly the pair illegally obtained the personal data of roughly 900 individuals and then sold each set for $100. The information was allegedly sold as part of one of the men's private investigation business, according to prosecutors. In some cases, the pair's customers later allegedly re-sold the data for as much as $200.

"he and a city police captain sold personal information they illegally obtained from a database used by law enforcement agencies."
- NJ.com
The alleged insider data breaches came to light in December 2014, but it is unclear how it was discovered or how long the data thefts had been going on for. Organizations seeking to proactively detect identity thefts and privacy data breaches can utilize low-cost on-demand SaaS analytics services.
Learn how to proactively detect identity theft and unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.
Sources:
(a) Ex-Newark cop pleads not guilty in alleged data theft scheme - www.NJ.com, 06/24/2015

Thursday, June 25, 2015

Patient IDs Stolen from Hospitals for $3M Tax Fraud Scheme

From 2011, and through November 2013, a Tampa Florida man and his co-conspirators filed false tax returns claiming approximately $3 million in refunds. Many of the victims of this theft ring had their identities stolen from multiple healthcare facilities, including a VA hospital. About 7,000 stolen names, dates of birth, and Social Security numbers were used to file false tax returns and open pre-paid debit cards.
"From an unknown date in 2011, and continuing through November 2013, [he] and his co-conspirators filed false tax returns claiming approximately $3 million in refunds."
- Department of Justice
It is unclear how he identity thefts were discovered or why they occurred for almost three years. Organizations seeking to proactively detect identity theft and data privacy breaches can utilize low-cost on-demand SaaS analytics services.
Learn how to proactively detect identity theft and unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.
Sources:
(a) Tampa Man Pleads Guilty During Jury Selection In Stolen Identity Refund Case - www.DOJ.gov, 12/02/2014

Wednesday, June 24, 2015

Data Breach Notifications Up 50%

There has been a 50% increase in the number of data-security breach notifications to the Data Protection Officer in Ireland compared to 2013. This is the first annual report released by Helen Dixon, who took over as head of the office from Billy Hawkes, who retired last year.

Controversies investigated include a possible breach at the Water and Department of Education, who collect peoples' Personal Public Service number (PPS).

"A record number of data breach notifications were received."
- Irish Examiner
Organizations seeking to proactively detect data security breaches can utilize low-cost on-demand SaaS analytics services.
Learn how to proactively detect identity theft and unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.
Sources:
(a) Data-security breach notifications jumped 50% last year - www.IrishExaminer.com, 06/23/2015

Tuesday, June 23, 2015

Insider Breached 4,859 Patient Records

A California hospital announced that the medical records of 4,859 patients were breached, over an almost four year period, by an employee.

It is no comfort that an investigation found no evidence that the records had been downloaded or distributed via e-mail. Smartphone photos of the computer screen is all that is necessary to steal sensitive data.

"An employee viewed thousands of additional records “without a job-related purpose” from June 2011 to March 2015."
- Hospital statement
It is unclear why the breaches were allowed to occur for almost four years. Healthcare organizations can proactively detect privacy data breaches, even those using a smartphone, with low-cost on-demand SaaS analytics services.
Downl
Sources:
(a) Records of 4,859 patients breached at UC Irvine - www.OCregister.com, 06/18/2015

Monday, June 22, 2015

Insider Stole Sold Customer Data

An employee of an apartment management complex in Tennessee stole and then sold current and former residents’ and applicants’ personal information (PII). Stolen data included peoples' Social Security numbers, bank account information, drivers' license numbers.

The employee was arrested when they tried to sell the customer data to an undercover agent for federal law enforcement.

"employee sold certain names and Social Security numbers of current and former residents."
- Department of Justice, New Hampshire letter
Rather than learn about it from law enforcement, organizations can proactively detect insider identity theft and data privacy breaches by utilizing low-cost on-demand SaaS analytics services.
Learn how to proactively detect identity theft and unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.
Sources:
(a) Notice of Data Event - www.DOJ.NH.gov, 05/26/2015

Friday, June 19, 2015

Encryption Would Not Have Prevented OPM Hack

A Wall Street Journal (WSJ) article reviewed what we know about the “unprecedented hacking by China of confidential databases” at the Office of Personnel Management (OPM).

The records of more than four million federal employees, as well as listings of which Chinese citizens are in contact with American officials. And it appears that not just civilian personnel were affected but defense officials and the military community.

"encryption would not have helped in this case because the attackers had valid user credentials."
- Homeland Security Assistant Secretary for Cybersecurity, Dr. Andy Ozment
Unfortunately, encryption would not have prevented the hackers from obtaining data because they had valid credentials of insiders, according to the Department of Homeland Security. Organizations seeking to proactively detect hackers posing as insiders can utilize low-cost on-demand SaaS analytics services.
Learn how to proactively detect identity theft and unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.
Sources:
(a) Hacking Government Apart - www.WSJ.com, 06/18/2015

Thursday, June 18, 2015

Medical ID Theft at Record Levels

Medical ID has risen by 22 percent since last year, according t a study by the Medical Identity Fraud Alliance (MIFA). Unfortunately, medical identity theft victims can expect to pay upwards of $13,500 to resolve this type of crime.

The reputational impacts of medical identity theft for provider organizations is huge said Ann Patterson, senior vice president and program director for MIFA. The study also found that 50 percent of consumers would find another healthcare provider if they were concerned about the security of their medical records.

"50 percent of consumers would find another healthcare provider if they were concerned about the security of their medical records."
- Healthcare IT News
Organizations seeking to proactively detect medical identity theft can utilize low-cost on-demand SaaS analytics services.
Learn how to proactively detect identity theft and unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.
Sources:
(a) Medical identity theft hits all-time high - www.HealthcareITnews.com, 06/17/2015

Wednesday, June 17, 2015

Healthcare Breaches Most Costly to Remediate

A study has found that healthcare data breaches are the costliest to remediate, at $363 per exposed personally identifiable (PII) record, compared with $154 in other industries.

In addition, researchers found that the cost of remediating data breaches is increasing. The cost of data breaches due to malicious or criminal attacks increased from an average of $159 in last year’s study to $170 per record this year.

"healthcare data breaches are the costliest to remediate."
- Ponemon Institute
The study also found that hackers and criminal insiders cause the most data breaches - 47% were caused by malicious or criminal attacks. Organizations can proactively detect insider breaches and data thefts by utilizing low-cost on-demand SaaS analytics services.
Learn how to proactively detect identity theft and unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.
Sources:
(a) 2015 Cost of Data Breach Study: Global Analysis - www.IBM.com, 05/31/2015

Tuesday, June 16, 2015

Shortage of Health IT Workers Slows Hospital Initiatives

New data and electronic health record (EHR) initiatives, have the healthcare industry competing with large technology firms for skilled IT workers. However, hospitals struggle to compete in terms of compensation, which has forced them to delay projects while positions are vacant.

Health IT jobs are projected to increase 15% to 37% by 2020, faster than growth for other types of jobs. Computer information-security analyst jobs are projected to increase “much faster than average” through 2020, according to the U.S. Bureau of Labor Statistics.

"In 2013, executive-level IT professionals averaged $189,435 in salary, up 6.1% from the prior year."
- Health Management Information Systems Society
Given the continuing IT worker shortage some healthcare organizations are filing the gap by utilizing outside organizations to provide necessary skills. For data initiatives low-cost on-demand SaaS analytics services are available.
Learn how to proactively detect identity theft and unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.
Sources:
(a) IT labor crunch slows hospital data initiatives - www.ModernHealthcare.com, 06/13/2015

Monday, June 15, 2015

Insider Stole Patient IDs with Mobile Phone

An office student intern at a Florida healthcare clinic has been charged with identity theft of patients' personal identifying information (PII) of 261 people.

This insider then shared the PII with another person. The identity thefts were discovered during an investigation by the State Attorney’s Office, U.S. Secret Service and Internal Revenue Service.

"Names and Social Security numbers of 261 people were illegally photographed at [the clinic] and then transmitted to another person." - court documents
Unfortunately, as is too often the case, these identity thefts were discovered by law enforcement rather than the organization holding the PII. Organizations seeking to proactively detect identity theft, even when it is done using a phone to take photos of a computer screen, can utilize low-cost on-demand SaaS analytics services.
Learn how to proactively detect identity theft and unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.
Sources:
(a) Office intern at Jacksonville primary care center charged with ID theft - www.Jacksonville.com, 01/24/2015

Friday, June 12, 2015

Nat'l Guardsman Stole IDs for DOD Fraud

A recruiting assistant for the Ohio Army National Guard stole identities which he used to obtain money fraudulently from the Department of Defense (DOD) between 2006 and 2011.

The US Army Criminal Investigation Command conducted the investigation.

"[he was] charged with theft of public money and aggravated identity theft." - WKBN News
It is unclear how the identity thefts were discovered or why they occurred for five years. Organizations seeking to proactively detect identity theft and data privacy breaches can utilize low-cost on-demand SaaS analytics services.
Learn how to proactively detect identity theft and unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.
Sources:
(a) Southington Nat’l Guard member charged with identity theft - www.WKBN.com, 05/22/2015

Thursday, June 11, 2015

Medical Assistant Stole Patient IDs for Credit Fraud

While employed at a dermatology clinic in Little Rock Arkansas, a medical assistant stole personal identifying information (PII) of patients. She used the patient information to open fraudulent lines of credit with online retailers from which she proceeded to make thousands of dollars in purchases.

Her job afforded her regular access to medical files that contained sensitive information such as patient dates of birth and social security numbers.

"The job afforded her regular access to medical files that contained sensitive, personally identifiable information such as patient dates of birth and social security numbers."
- US Department of Justice, Eastern District of Arkansas
It is unclear how the identity thefts were discovered. Organizations seeking to proactively detect identity theft and data privacy breaches can utilize low-cost on-demand SaaS analytics services.
Learn how to proactively detect identity theft and unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.
Sources:
(a) MEDICAL ASSISTANT PLEADS GUILTY TO AGGRAVATED IDENTITY THEFT - www.Justice.gov, 06/03/2015

Wednesday, June 10, 2015

DUI Tech Part of ID Theft Tax Fraud Scheme

A Florida Sheriff's Office DUI technician has been indicted for taking part in an identity theft and fraudulent tax refund scheme that operated from 2010 -2013.

This woman, along with three other accomplices, were arrested last month. One of the women was an employee at a Hialeah hospital and she allegedly stole patients' personal identifying information (PII).

"an employee at [a hospital] in Hialeah allegedly stole patients’ personal information as part of the scheme. ."
- Sun Sentinel
It is unclear how the identity thefts were discovered or why they went on for three years. Organizations seeking to proactively detect identity theft and privacy data breaches can utilize low-cost on-demand SaaS analytics services.
Learn how to proactively detect identity theft and unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.
Sources:
(a) Broward sheriff's employee among those indicted in fraud case - www.SunSentinel.com, 05/23/2015

Tuesday, June 9, 2015

Healthcare Job Boom Continues

In May the healthcare industry added 46,800 jobs. This nearly equals April's largest month increase this year.

Of the 46,800 new jobs, hospitals added 15,700, a 5.4% increase from last month, while ambulatory care services added 27,600, an increase of 16.9%

"The healthcare industry added 46,800 jobs in May."
- Modern Healthcare
Learn how to proactively detect identity theft and unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software. Sources:
(a) Healthcare Job Boom Continues in May - www.ModernHealthcare.com, 06/05/2015

Monday, June 8, 2015

IRS Worker Stole IDs for Tax Fraud

An IRS worker in Saint Louis stole identities and then filed 356 fraudulent state and federal tax returns. She has pleaded guilty in US District Court to charges of identity theft and wire fraud.

She used names, birth dates and Social Security numbers of others without their knowledge to fill out federal and state tax returns, then added false information including addresses, workplaces, wages and the amount of tax withheld, according to prosecutors.

"[She] used names, birth dates and Social Security numbers of others without their knowledge to fill out federal and state tax returns." -
US District Court documents
It is unclear how the identity thefts were discovered. Organizations seeking to proactively detect identity thefts and privacy data breaches can utilize low-cost on-demand SaaS analytics services.
Learn how to proactively detect identity theft and unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.
Sources:
(a) Former St. Louis IRS worker filed 356 fraudulent tax returns - www.StLtoday.com, 06/01/2015

Thursday, June 4, 2015

Nurse Took Patient Info to New Employer

A Rochester New York nurse practitioner, without permission, took and shared with her new employer, a list of patient names, addresses, gender, date of birth and diagnosis.

The hospital discovered the privacy breach about three weeks after the breach of patients' confidential information and has notified 3,403 patients.

"She did not have permission to share the list outside the institution, nor did she have authorization from the patients whose information was on the list."
- Hospital public relations notice
Healthcare organizations seeking to proactively detect data privacy breaches and identity theft can utilize low-cost on-demand SaaS analytics services.
Learn how to proactively detect identity theft and unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.
Sources:
(a) URMC: Nurse took patient info to new employer - www.DemocratAndChronicle.com, 05/22/2015

Wednesday, June 3, 2015

Patient Privacy Breach at NY Medical Practice Affects 600

Information on up to 600 patients of a NY medical practice was accessed by a third party under the direction of a then-associated physician to "solicit patients in connection with the physician's new employment."

An investigation indicated insider wrongdoing resulted in the access of certain health information (full name, date of birth, address, telephone number, e-superbills, appointment schedule).

"insider wrongdoing resulted in the access of certain health information (full name, date of birth, address, telephone number, e-superbills, appointment schedule)."
- ABC News
It is unclear how the patient data theft was discovered, often it's only when a victim notifies the organization. Healthcare organizations seeking to proactively detect privacy data breaches and identity theft can utilize low-cost on-demand SaaS analytics services.
Learn how to proactively detect identity theft and unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.
Sources:
(a) Patient information compromised in security breach - www.ABCnews.com, 05/29/2015

Tuesday, June 2, 2015

Hospital Clerks Snooped in Patients' Records

Four hospital clerks were found to have snooped in patient records, according to the Office of Information and Privacy Commissioner of Ontario. A total of 52 patients had there personal information breached; one clerk inappropriately accessed 43 patients' information.

The hospital reports that the privacy breaches were done out of "curiosity" on the part of these employees.

"Some 52 patients of had their personal health information breached over the last five years."
- Hospital spokesperson
The four breaches were discovered during "routine audits" but it is unclear why some occured five years ago and are just being reported. Organizations seeking to proactively detect privacy data breaches and identity thefts can utilize low-cost on-demand SaaS analytics services.
Download
Sources:
(a) SOURCE_TITLE - SOURCE_NAME_AND_DATE

Monday, June 1, 2015

Sheriff's Office Employee Stole IDs for Tax Fraud Scheme

A Mississippi sheriff's Office lieutenant stole inmate (PII) so that accomplices could file fraudulent tax returns with the stolen identities. She stole Social Security numbers and names by misusing her access to the jail database.

Refunds from the fraudulent returns, filed from May 2011 until December 2012, were sent to a post office box in Louisiana. Other co-conspirators were named in the indictment.

" used her position as a lieutenant at a county detention center to access the jail Management System and steal names and Social Security numbers of inmates and other individuals."
- Department of Justice document
It is unclear how the identity thefts were discovered or why they were allowed to occur for over a year. Organizations seeking to proactively detect identity thefts and privacy data breaches can utilize low-cost on-demand SaaS analytics services.
Download
Sources:
(a) Mississippi sheriff’s office employee indicted for using stolen identities to file fraudulent tax returns sent to Louisiana post office boxes in Tallulah, La. - www.DOJ.gov, 05/29/2015

Popular Posts

Copyright © 2010-2011 by Veriphyr Incorporated, All Rights Reserved.

Contact us at Veriphyr.com.