Skip to main content

Data breaches du jour.....

Today's news contains information regarding not one, but two, data breaches, compromising the personal information of a total of nearly 20,000 people.

The Washington Business Journal published a report today of a breach at the Environmental Protection Agency which exposed the Social Security numbers and banking information of nearly 8,000 individuals, most current employees of the EPA.  According to the Washington Business Journal's report, the agency confirmed that notices were sent out Tuesday (yes, August 1st) about a security incident that occurred in March. Compromised information reportedly included SSN, bank routing numbers and home addresses.  The EPA has offered one year of credit monitoring and established a hotline.

Closer to home, the Connecticut Attorney General's office is investigating an incident at Hartford Hospital, compromising the personal health information and SSNs of about 9,000 patients.   According to a press release from Attorney General George Jepsen, the information was stored on an unencrypted laptop stolen from an employee of Greenplum, a subsidiary of EMC Corp., which was a contractor to the Hospital.   Jepsen's office sent a letter to the Hospital, requesting additional information regarding the breach and suggesting that, at a minimum, the Hospital offer two years of credit monitoring services to impacted individuals.

According to the company's website, Greenplum is "driving the future of Big Data analytics."    The theft was discovered in June and has been reported to police.

 

 

Subscribe To Viewpoints

Author

Cynthia J. Larose

Member / Chair, Privacy & Cybersecurity Practice

Cynthia J. Larose is Chair of the firm's Privacy & Cybersecurity Practice, a Certified Information Privacy Professional-US (CIPP-US), and a Certified Information Privacy Professional-Europe (CIPP-E). She works with clients in various industries to develop comprehensive information security programs on the front end, and provides timely counsel when it becomes necessary to respond to a data breach.