2011 - The year of unsafe data

Category: 

2011 draws to a close today, and as it does, it ushers in a year where more medical professionals than ever will be rushing to neet Meaningful Use, and of course that means HIPAA data security compliance. There used to be a time when we did not worry much about our online data; that time is long gone. Here are some companies who were hacked and had their users' personal data put out on the Internet:

Sony is the big winner with 20 separate hacks and over 100 million records leaked.
The mail marketer Epsilon who leaked info from Best Buy, Makrs & Spencer, Marriott Rewards, Walgreens and Chase Bank
Cyworld/Nate (South Kirean facebook-like sites) - 35 million records
Steam and Square Enix (online video game companies)
Citibank had over 200,000 credit card users' info leaked
Lush, a handmade cosmetic company
care2.com which lost 18 million user records complete with plain text passwords of their environmentalist customers
and of course last week's big hit on Stratfor by Anonymous

I subscribe to the free version of Stratfor, so I grabbed Anonymous' data dump and sure enough, there was my email, username and password hash.

If these big companies can be hit, you can too, so be sure to protect yourself as much as possible by being as HIPAA compliant as possible.

...and have a Happy New Year from all of us at CME Online!