Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
VA Midwest Health Care Network (VISN 23)
Mentioned in a privacy incident report created by the U.S. Department of Veterans Affairs on June 4, 2012. Also cited in 183 other reports.
Report ID: SPE000000076322, U.S. Department of Veterans Affairs
Reported Entity: VISN 23 Iowa City, IA
Issue:
The VA received a keylogger report from US-CERT. Parsing the data revealed a possible keylogger infected VA owned host and exposed veteran PII.See attached spreadsheet for PII details.va_gov-INC000000212024A zipped file of all data is attached. The password to access the zipped files has been sent to IRCT via email at [email protected] Update: 06/05/12:Based on the information in the attached spreadsheet outlining the information exposed, two Veterans will receive letters offering credit monitoring due name and DoB of one Veteran being exposed, and name and full SSN of the other Veteran being exposed. For the rest of the list, PII was exposed, but based on the spreadsheet, not enough PII to meet the threshold for Notification or Credit monitoring.
Outcome:
system was scanned, no visuses indicated at this time,