A ROGUE EMPLOYEE AT PREMIUM HEALTH INSURANCE OUTFIT Bupa has not walked out of an office with a USB stuffed with health insurance data and set about selling it to even worse people then he or she presumably is. He took it out of the office another way.
Graham Cluley, pretty much the Don Corleone of talking about security happenings, has shared a copy of the letter that Bupa has apparently sent out to customers of its health insurance offerings.
Uh oh. BUPA is warning some customers that a rogue employee snuck off with data, and shared it with others... https://t.co/26hxsv6GMK— Graham Cluley (@gcluley) July 12, 2017
The letter is a warning, and if you don't want to have to worry about your privacy then you do not want to be sent a copy, particularly when you remember that this is a personal thing that you pay for and that it was one ruddy bastard with sticky fingers that got you here.
The data does not include medical or financial information, apparently, but does include some identifiable stuff like name, date of birth and nationality. Why someone would want such a list of data is beyond us, but we aren't the sort of people who trade in this kind of thing. Although they are out there.
"We are contacting to advise you to be vigilant and take care as we believe the employee has made the information available to other parties," warns the letter.
"In cases such as this, fraudsters can seek to trick people by impersonating Bupa. You should always take particular care to double check the sender of any communication that asks for financial or personal details."
Graham Cluley told the INQUIRER that such bastards will always be a problem because companies are focussing their attention in the wrong direction. "Rogue employees are one of the biggest challenges for any business," he said. "There's so much focus on external hackers, and too little on staff."
We have asked Bupa press in the UK to confirm the letter and it is getting back to us blah blah blah. In the meantime, the letter and an apology video is right there on the ruddy Bupa website now. You can enjoy that here. µ
Biz-focused app will help SMBs connect with customers
But she sounds like she might be a bit of a lush
Firm says DHS' decision relies on' subjective, non-technical public sources'
Really. We're not making this up