Tag Archives: data breach

20% of Data Breaches Involving Business Associates

Data Breaches Involving Business Associates

According to data on OCR’s website, there have been 292 breaches affecting 500 or more individuals since September 2009. Business associates have been involved in 57, or about 20%, of those breaches.

via OCR Deciding Whether To Run HIPAA Audits on Business Associates – iHealthBeat.

PCI for Corporate Franchise Servicer

Last week, Visa officially brought corporate franchisors into the world of Level 1 merchant service providers by requiring them to register as Third-Party Agents, with all that that implies. At one level, the increased visibility, attention to PCI compliance and stricter validation regime should reduce data breaches at unsecure franchise locations.

via StorefrontBacktalk » Search Results » corporate franchise servicer.

HHS: Laptop theft is No. 1 source of health data breaches – FierceHealthIT

HHS officials last week confirmed what many people have long suspected: Laptop theft is the most common source of health data breaches affecting at least 500 people. Of the 189 breaches reported to HHS since notification became mandatory last year, 52 percent were due to theft

via HHS: Laptop theft is No. 1 source of health data breaches – FierceHealthIT.

PCI Compliance Should Be a ‘LifeStyle’

Merchants are most likely to remain compliant with the Payment Card Industry Data Security Standards and avoid data breaches if they adopt security as a “lifestyle,” according to a study released earlier this week by Verizon Business. Verizon Business provides audits and other PCI-related services.

via News.

The PCI Lessons From Google’s Employee Data Breach

When Google this month fired a programmer for using the search giant’s database to investigate an intriguing teenager, it showed that even the most sophisticated and respected technology brands can have a trusted employee go rogue. This lesson should not be lost on retail executives, who may rely on several third-party service providers to process or analyze their payments.

via StorefrontBacktalk » Blog Archive » The PCI Lessons From Google’s Employee Data Breach.

Discover to get $5M from Heartland for ’08 data breach

Heartland Payment Systems has agreed to pay $5 million to Discover to settle claims arising from the massive data breach disclosed by the payment processor last year.

In a brief statement on Wednesday, the Princeton, N.J.-based Heartland said the settlement “resolves all issues” between the two companies stemming from the intrusion.

via Discover to get $5M from Heartland for ’08 data breach.

Roundup of largest data breaches / incidents

records date organizations
130,000,000 2009-01-20 Heartland Payment Systems, Tower Federal Credit Union, Beverly National Bank
94,000,000 2007-01-17 TJX Companies Inc.
90,000,000 1984-06-01 TRW, Sears Roebuck
76,000,000 2009-10-05 National Archives and Records Administration
40,000,000 2005-06-19 CardSystems, Visa, MasterCard, American Express
26,500,000 2006-05-22 U.S. Department of Veterans Affairs
25,000,000 2007-11-20 HM Revenue and Customs, TNT
17,000,000 2008-10-06 T-Mobile, Deutsche Telekom
16,000,000 1986-11-01 Canada Revenue Agency
12,500,000 2008-03-26 LaSalle Bank, BNY Mellon Shareowner Services, Archive Systems Inc, The Walt Disney Company, SYNOVUS