November 14, 2009 – An eighteen year old Boston area college student reports that she purchased and used Oxy® Maximum Face Wash, a well known acne treatment product sold in pharmacies throughout the U.S., but eventually the skin on her face became significantly discolored in areas where she had applied the product.
The young woman first bought the over-the-counter medication in the summer of 2009 at a CVS store. She used it daily as directed for several months, but eventually noticed that she was losing skin color in the areas of her face where she had applied the face wash. She immediately ceased use of the product, but the skin discoloration remained.
Now, several months later, and even though she has not used the product again, she still has significant discolored patches on her face. Recently, she was examined by a dermatologist who was not willing to confirm whether or not the condition was permanent. In his words, “only time will tell”. Meanwhile, this young lady must now apply make-up to her face whenever she goes out, in an attempt to hide what she considers obvious disfigurement as the result of her use of the Oxy® product.
Oxy® Face Wash, manufactured by the Mantholatum Company, Inc., is prominently advertised to contain ten percent (10%) benzoyl peroxide, a product widely used to fight acne, but which has also been reported to have side effects, causing itchy, dry skin and rashes. The product’s label and other literature give no warning that skin discoloration could occur as a result of use of the Oxy® Acne Products.
November 14, 2009 – The Boston Law Offices of the attorney and Washington D.C. based, Steven Berk (Berk Law), in conjunction with Cotchett, Pitre & McCarthy, has filed a class action against JPMorganChase as the successor in interest to Washington Mutual (“WAMU”) in the US District Court for the Northern District of California. The complaint alleges that WAMU’s banking services played an integral role in facilitating the $150 Million Ponzi scheme perpetrated by William Wise and Millennium Bank.
According to the complaint, Wise and Millennium Bank raised over $150 million from over 250 investors by promising returns as high as 9% on premium certificates of deposit, when the market was offering much lower rates. Millennium Bank was primarily operated out of Napa, California and claimed to be a subsidiary of United Trust of Switzerland, another Wise entity. Millennium Bank’s sophisticated internet marketing allowed them to dupe hundreds of investors worldwide.
As described in the Complaint, Millennium Bank’s staff in Napa instructed purchasers of the high-yield CDs to wire funds to its WAMU accounts opened in Las Vegas, Nevada under fictitious names, or to send checks to Napa, which were subsequently deposited into these accounts. The money then moved offshore or was used to pay for Wise’s lavish lifestyle. There is no evidence that he made any investments with victims’ money. A copy of the Complaint appears below:
November 2, 2009 – The University of North Carolina is now apparently claiming that no consent was required to include patients, and their personal information, in the data base of a statewide mammography registry. According to Karen McCall, UNC Health Care spokesperson, “federal regulators waive consent requirements for projects like the Carolina Mammography Registry because it is a population-based study dealing with hundreds of thousands of pieces of data”.
This is interesting news for the thousands of female patients whose birth dates and social security numbers were included in the database, and may have been compromised by hackers who gained access to the system as far back as 2007. It appears that most of the patients had no knowledge either that they were being included in any study, or that personal information would be a part of the information provided.
In fact many learned of their inclusion in the study only when they received a letter from the Carolina Mammography Registry and signed by Bonnie C. Yankaskas, Ph.D., Professor, Department of Radiology, which stated as follows:
I am writing to notify you about a computer security breach that may have
resulted in the unauthorized exposure of your personal information. In late
July 2009, information technology employees at The University of North
Carolina at Chapel Hill (“University”) discovered that a computer server
storing data for the Carolina Mammography Registry (“Registry”) at the
University’s School of Medicine was targeted in a computer hack. We believe
this hacking incident may have occurred in 2007. When University staff
learned that the server was compromised, the server was taken down, and all
data on the server were removed.
The letter then went on to say:
Unfortunately, some of your personal information was on the Registry’s server
at the time of the hacking incident. This information included your name and
Social Security number. In many cases, these data also included your date of
birth, address, phone number, demographic information, insurance status, and
health history information.
UNC apparently is relying on the fact that the Mammography Registry was part of a federally funded cancer study and that federal regulations waived the need for consent. However, McCall failed to cite any particular federal regulation, which would circumvent an individual’s right to privacy, and in particular, which would expressly permit the dissemination of a patient’s most private personal information. When asked why patients would not have been asked to consent to the use of this information in the study, McCall stated that there were “so many participants that the cost of getting permission would be prohibitive to the point of not being able to do the study” .
Source: News Observer
October 27, 2009 – The University of North Carolina School of Medicine has recently disclosed that, in the year 2007, internet hackers gained access to a database called the Carolina Mammography Registry. Apparently, some of the records contained personal information about patients, including dates of birth and social security numbers. Information for thousands of female
patients who had received mammographies in several North Carolina private practices were added to the database, apparently without the knowledge or permission of those patients.
The data was collected by the UNC School of Medicine to conduct research as part of a national study. The database contained information pertaining to approximately 236,000 women. UNC reported that the breach included the records of more 163,000 of those women. The information was retained on a server to be accessible to researchers who were a part of the study. The goals of the study were to improve breast cancer detection, understand risk factors, guide future research, and inform policy makers. The database was part of a national study funded by the National Institute of Health’s National Cancer Institute.
It appears that the IT department at UNC discovered the breach in July, 2009, when
researchers could not access the database. Viruses were discovered, which dated back to 2007. UNC’s IT department immediately took down the server and removed all of the information that had been previously posted. The UNC School of Medicine then began contacting women who they believed may have been affected by the breach. Two different letters apparently went out to women whose information had been exposed; one letter to women whose Social Security Number was in the database, and one letter to women whose number was not.
Both UNC and outside law enforcement officials are investigating the breach, but thus far have not been able to determine if any information was removed, or who was responsible for the breach. Apparently, the investigation remains open at this point.