Information security analytics

The British National Health Service (NHS) has to pay 90 thousand pounds for compromising the data of 59 patients. Over three months NHS employees sent 45 faxes to wrong numbers. During this time, the employees compromised data of 59 people, including their diagnoses and personal information. The negligent actions of the careless insiders are considered by the ICO to be a violation of the Law of citizens’ Personal Data Protection.

UK. Medical and social security records kept by public bodies are being unlawfully or inappropriately accessed dozens of times a month and hundreds of civil servants disciplined for data offences, according to Government records. Staff at the Department for Work and Pension (DWP) are being reprimanded at a rate of nearly five per day for breach of the rules governing its vast database - thought to be the largest of its kind in Europe - while the Department of Health (DoH) last year recorded 13 cases a month of unlawful access to medical records.

USA, Florida. The personal information of 100,000 social workers was in public access without password protection. The Department of Children and Families has already informed the victims that their personal information (names, addresses, phone numbers, social security numbers) was in public access and could be used by fraudsters for illegal objectives. The officials have also made it clear that everyone who wants to monitor their credit history can use the service for free within the year.

The Public Security Department reported that 1,700 people were arrested on suspicion of theft or improper use of the Chinese people's personal information. Investigations and arrests took place almost across the whole territory of China — in 20 provinces, including Beijing and Shanghai. Over the course of the investigation, officials found out that the workers of financial institutions, telecommunications companies and other institutions which have personal information databases were selling the personal information to fraudsters.

USA, South Carolina. More than 200,000 South Caroline residents have become victims of the actions of an insider. An employee of Medicaid – the state health care program for those in need – sent patients' personal data to his personal email account. He managed to get hold of data belonging to a quarter of all Medicaid clients in South Carolina, about 228,000 original records including personal data. Of these, no less than 22,000 contained an identification number linked to their Social Security number, the holy grail for fraudsters.

ALBANY, Ga. (AP) Authorities have charged an Albany nurse with stealing the identities of people and filing more than $1 million worth of false tax returns. The Albany Herald reports that Melody B. Milton, also known as Melody Greene, has been charged in federal court with taking part in a scheme to file 200 false tax returns, averaging $9,500 each. Milton was fired from Phoebe Home Health after the charges were filed.

USA. California. In a puzzling breach of security, computer storage devices containing identification information of 800,000 Californians using the state's child support services have disappeared. The Department of Child Support Services reported Thursday the data devices were lost March 12 en route to California from the Colorado facilities of IBM, one of the contractors in charge of the storage devices.

A new survey from LapSafe Products has revealed that 45% of education establishments have had mobile devices – such as laptops, netbooks, MP3 players, tablets and gaming devices – stolen between 2009 and 2011. This is the result of a survey of 100 UK schools, colleges and universities undertaken at the BETT Show 2012 in January. Most of the stolen devices were laptops and netbooks.

Tennessee, USA. 3 years after a leak, the medical association Blue Cross Blue Shield pays $1.5 M for the fulfillment of everything demanded by law by HIPAA.

Great Britain. A worker at City Council in Belfast has compromised the personal data of his colleagues.