Privacy Advisor

Healthcare Entities, Hotels, Bank Announce Breaches

February 14, 2014

By Angelique Carson, CIPP/US

A number of brands have announced breaches this month, including Tesco, which was the victim of a breach not because of its own systems but as a result of breaches at various websites in which users employ the same username and password across multiple sites. A U.S. senator recently said data breaches are simply a “fact of life” these days, and an eSecurity Planet report explains why brands’ stock prices may actually rise after breaches.

Delaware’s Beebe Healthcare has begun notifying 1,900 patients that their personal and medical information may have been inappropriately accessed after learning a contractor was arrested for incidents related to identity theft years prior to her employment, eSecurity Planet reports.

In another healthcare breach, the Easter Seal Society of Superior California has sent data breach notifications to 3,026 current and potential clients after a laptop containing their information was stolen.

Embassy Suites San Francisco Airport in California has similarly begun notifying an undisclosed number of recent guests that their payment card information may have been exposed after an unauthorized person accessed two computers at the hotel’s front desk.

Also in the U.S., Bank of the West has sent letters and e-mails to job applicants after the potential theft of such data as Social Security and driver’s license numbers.

And UK-based Tesco has announced the usernames and passwords of some customers’ accounts were posted online, affecting about 2,200 accounts. While Tesco wasn’t itself hacked, data gleaned from details gathered from other data breaches at various websites was used to access the accounts of users who maintain the same username and passwords across multiple sites.

Data Breaches the Impetus for Shift in Trends

A recent study found that the rise in reported data breaches is the main reason brands implement encryption technology, ComputerworldUK reports. That’s according to a Ponemon Institute study, which surveyed 4,800 organizations. 

An eSecurity Planet report looks at the reasons why a brand’s stock price could potentially rise after a data breach. It comes down to incident management, the report states. “When done right, incident response management is a valuable weapon for limiting material or reputational damages caused by data breaches,” the report states.

Meanwhile, U.S. Sen. Mark Pryor (D-AR) says data breaches are now a “fact of life” in the 21st century, and The Charlotte Observer features privacy expert Ted Claypoole’s list of “five things every small business should know about cybersecurity.

Read More by Angelique Carson:
NTIA Holds First Meeting on a Facial-Recognition Technology Code of Conduct
Will the FTC’s Recent Safe Harbor Settlements Quench Europe’s Thirst for Increased Enforcement?
With Rodriguez Tapped for DHS, Who’ll Call the Shots at OCR?
ICYMI: Target Fallout Continues; More Breaches Reported