Employees Sue Home Health Provider After Phishing Breach

Employees Sue Home Health Provider After Phishing Breach


Employees Sue Home Health Provider After Phishing Breach
A class action lawsuit claims that thousands of employees of a home healthcare services firm were harmed by the disclosure of their personal information in a breach earlier this year involving a business email compromise scam. Earlier, regulators fined the company for another breach.

Three former employees of Clearwater, Fla.-based Lincare Holdings Inc., a provider of in-home respiratory care and medical equipment, filed the lawsuit Monday in U.S. district court.
The suit alleges negligence and other charges related to a data breach resulting from a Lincare human resources worker in February 2017 falling for a phishing scam involving a fake email pretending to be from a Lincare executive that requested W-2 tax form information about company employees.
The lawsuit alleges that the Lincare HR employee, "rather than confirming or authenticatingthe validity of the request, compiled the requested information and complied with the request by emailing the name, address, Social Security number, earnings information and more of current and former Lincare employees to the purported Lincare executive."
Lincare, which has about 14,000 employees in about 1,000 locations nationwide, didn't have "the most basic security," resulting in negligence, breach of fiduciary duty, breach of implied contract, and violation of the Florida Deceptive and Unfair Trade Practices Act, the suit alleges.
Plaintiffs are seeking damages as well as at least 25 years of free credit and identity monitoring.

Previous Lincare Case

The complaint also points out that the incident at the center of the suit isn't Lincare's first data breach.
In January 2016, the Department of Health and Human Services' Office for Civil Rights, imposed a $240,000 civil monetary penalty for Lincare's alleged failure to implement policies and procedures to safeguard records containing its patients' protected health information as required by HIPAA (see OCR Slaps Home Health Provider With Penalty).
In that previous incident, OCR's investigation found that a Lincare employee in December 2008 left behind documents containing the PHI of 278 patients after moving to a new residence.
That Lincare case was only the second time ever that OCR imposed a civil monetary penalty in a case involving "egregious violations" of HIPAA.

Comments

Post a Comment

Popular posts from this blog

Fake WAP

Image
Fake WAP There are a horde of things out there that goes under the general name 'hacking.' But what precisely are these demonstrations and what is the completely most effortless one for programmers to finish? This is a stealth assault, similar to a lethal ninja, known as a phony remote access point (Fake WAP). You may likewise know it as a 'man in the center' assault. Programmers can do this effectively enough, taking your information covertly with the goal that you're unaware. More regrettable yet, you'll HELP them do it! A VPN is your vital component to ensuring this doesn't transpire, regardless of the possibility that you do fall into their trap. As a reward, I get the chance to add pictures of ninjas to this post and it absolutely bodes well. What is a fake wireless access point This is the point at which a programmer utilizes a basic bit of programming and a remote system get to card. They will utilize these and go out into the general
Read more

The Secure Socket Tunneling Protocol

Image
The Secure Socket Tunneling Protocol This segment depends on a prerelease adaptation of Windows Server 2008. All data in this is liable to change. Virtual private system (VPN) bolster in Windows XP and Windows Server 2003 enables you to interface with your private intranet over the Internet, similarly as though your PC was connected to a neighborhood Ethernet port. Nonetheless, the VPN conventions in Windows XP and Windows Server 2003 don't work for some firewall arrangements what's more, for some circuitous arrangements, for example, when your PC is behind a Network Address Translator (NAT) or Web intermediary server—in which the movement for VPN associations is being blocked. To determine these challenges, Windows Server® 2008 and Windows Vista Service Pack 1 incorporate help for the new Secure Socket Tunneling Protocol (SSTP). VPN Access Problems In Windows® XP and Windows Server 2003, the VPN conventions that empower remote access associations with an intranet
Read more

Shift cipher

Image
Shift cipher Modular Math and the Shift Cipher The Caesar Cipher is a type of  shift cipher . Shift Ciphers work by using the modulo operator to encrypt and decrypt messages. The Shift Cipher has a  key K , which is an  integer from 0 to 25 . We will only share this key with people that we want to see our message. How to Encrypt: For every letter in the message  M  : 1.  Convert the letter into the number that matches its order in the alphabet starting from 0, and call this number  X . ( A=0, B=1, C=2, ...,Y=24, Z=25) 2.  Calculate:  Y  =  (X + K)  mod  26 3.  Convert the number  Y  into a letter that matches its order in the alphabet starting from 0. (A=0, B=1, C=2, ...,Y=24, Z=25) For Example:  We agree with our friend to use the Shift Cipher with  key K=19 for our message.  We encrypt the message  "KHAN",  as follows:​ So, after applying the Shift Cipher with key K=19 our message t
Read more