Weekly Breach RoundupArrest in Medicaid Breach; Nissan Malware Attack
In this week's breach roundup: A former South Carolina state employee was arrested for allegedly transferring personal information on more than 228,000 Medicaid recipients to his personal e-mail account. Also, Nissan reported a malware incident.
Arrest in S.C. Medicaid Info Breach
A former South Carolina state employee has been arrested for allegedly transferring personal information about more than 228,000 Medicaid recipients to his personal e-mail account.
The information inappropriately transferred in the breach incident, according to the South Carolina Department of Health & Human Services, includes names, phone numbers, addresses, birth dates and Medicaid ID numbers. For almost 23,000 of the affected patients, Medicare numbers, which contain Social Security numbers, also were transferred.
Virus Causes Nissan Data Breach
Malware placed on Nissan Motor Co.'s network allowed user IDs and hashed passwords to be transmitted, the company acknowledges. David Reuter, vice president, corporate communications for Nissan Americas, declines to specify the exact number of IDs and passwords taken for "security reasons." But, he adds: "I can tell you that it was a collection of user IDs among employees, contractors and suppliers worldwide."
Eye Clinic Hack Attack Affects 7,000
La Nueva Casa de Amigos Eye Clinic, a neighborhood clinic of the University of Houston College of Optometry, is notifying 7,000 individuals of a potential data breach involving a computer containing patient records that was "wrongfully accessed by an unauthorized party originating from outside the United States." The hacked data includes health information, contact information and other personal information, but doesn't include Social Security, credit card or driver's license numbers.
While there's no evidence that patient records were viewed or copied, information technology personnel implemented immediate network and system configuration changes, according to a statement posted on the university's website.
Under Armour Employees Notified of Breach
Clothing company Under Armour notified employees that an unencrypted thumb drive is missing in the mail, according to an internal memo viewed by the Dayton Daily News, an Ohio-based newspaper. Auditing firm PriceWaterhouseCoopers sent the drive through the mail, containing details on a recent audit. The breach has potentially compromised employee names, Social Security numbers and salary information.