315,000 patient files have disappeared from Emory Healthcare, an Atlanta-based healthcare company. The files contained 17 years worth of private data on all patients who had a surgical procedure done at Emory University Hospital, Emory University Hospital Midtown, and The Emory Clinic Ambulatory Surgery Center between 1990 and 2007. Besides protected health information, the discs also contained around 228,000 patients’ Social Security numbers.
According to John T. Fox, CEO of Emory Healthcare, the files were not obtained through hacking. An employee discovered that the backup files were missing from an office cabinet where they were no longer in use. Whether they were stolen or misplaced is yet to be known, but there is no evidence that the files have been misused.
Fox apologised on behalf of Emory Healthcare and said the company will be sending letters to affected individuals whilst also offering free identity protection services. It is estimated that the breach will cost Emory Healthcare as much as $2m.
See the full story in the Atlanta Journal-Constitution
Aviva has had to apologise after it’s HR department unintentionally sent 1,300 employees in its asset management arm an exit email that was intended for just one person. The Telegraph reports that the email instructed the workers to hand over all company property, security passes, and electronic passwords on their way out of the building whilst reminding them of their contractual obligation to retain confidential information. 
As the usage of Macs is on the incline, so are the number of viruses out to infect them. A recent report conducted by Russian antivirus company Dr. Web has found that over half a million Macs are infected with the Flashback trojan, which poses as a Flash Player installer and disables Apple’s automatic updating mechanism for its system-wide malware application. This means that once your computer is infected, you’ll never be informed and you’ll be open to future attacks. 
While there has been growth in public awareness about cloud computing, there remains some confusion about what it actually is. Put simply, cloud computing is pooled hardware and software made accessible via the internet. It means IT users can access their applications and data online. The applications and data are stored and maintained by a third party (cloud service provider) remotely, rather than on servers and networks physically located at the users’ premises.
Already having to pay out for last year’s huge PlayStation Network breach, Sony is in the spotlight again after the entirety of Michael Jackson’s back catalogue was stolen from the company by hackers. The cyber attack saw the illegal download of around 50,000 music files belonging to the singer, including some unreleased material. The files were estimated at around £160m making this the biggest attack on a music company ever. 
Since 2004, the California Online Privacy Protection Act (COPPA) has required online services that collect certain types of data from Californian users to post a privacy policy which describes how the information will be used. If they collect this data, Apps fall under this category, but a recent report has found that only about 5% have the appropriate privacy policies in place. 
Antivirus firm Symantec has recently been the victim of a hack attack in which the hacker released the source code for its pcAnywhere utility. Fears have arisen that hackers could analyze the code to find security holes and then attempt to take over customers’ computers. 
Drug research company Pharmafakt GFD has been accused of selling raw data on drug prescription habits to pharmaceutical companies. Although selling the information is legal if made anonymous, this information was not coded in any way, which would allow pharma companies to see which doctors are prescribing which drugs and would help to instruct representatives where they should focus their efforts.
If you thought cybercrime reached the headlines a lot in 2011, then get ready for 2012. Experts are saying that this year will be the worst year ever for hack attacks. 
VeriSign, the company ultimately responsible for the integrity of websites ending in .com, .net and .gov, has been hacked repeatedly, Reuters reports. It is believed that hackers stole undisclosed information from the company, though VeriSign does not believe the servers that support their Domain Name System network have been breached. 