DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

ReportaClaim may need to report a leak

Posted on April 10, 2020 by Dissent

Pennsylvania-headquartered ReportaClaim.net describes itself as gateway for stand alone companies, professional employer organizations (PEOs), staffing companies, and their clients to submit worker injury reports.

In order to do that, they necessarily collect a lot of personal and medically-related information such as the employee’s full name, the employer, the employee’s job position, the date of injury, a description of how it occurred, the injuries claimed as a result of the accident or work conditions, what happened after the accident or incident, and other personal information related to the employee.

Naturally, keeping such data secure is a priority.

Reportaclaim.net is versed with the nuances of the staffing industry and the subtleties of dealing with (sometimes) multiple tiers of staffing clients. We protect your clients’ identities and handle them discreetly.

Whatever steps or protections they had in place to protect clients’ identities and handle them discreetly were apparently insufficient.  Earlier this week, I saw a database listed on a forum that was described as a medical records system with full database.  When I inspected it, I found it was their data. It included employee and employer names, date of accident, description of injury, and additional details.

First reports of injuries submitted to ReportaClaim. Screencap by DataBreaches.net.

The individual posting the data for token sale was subsequently banned and the listing removed, but since then, I have also seen the same listing appear on another forum, for free.

ReportaClaim is aware of the situation and according to a brief response to this site’s inquiry, they are working with the FBI investigating the situation. DataBreaches.net does not know if this incident is the  result of a leak or a hack, but the listings seen for it refer to it as a leak.

ReportaClaim’s spokesperson did not say whether they would be notifying individuals, but based on the types of information I saw in the database, I would think that they would have to, and we may see a press release at some point down the road.

Category: Breach IncidentsU.S.

Post navigation

← Stockdale Radiology’s notification may confuse readers
Delaware urology practice hit with ransomware in January →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • CoinMarketCap Hacked, Scrambles to Remove Malicious Wallet Verification Popup
  • Montana Attorney General launches investigation into Lee Enterprises data breach
  • AT&T gets preliminary approval for $177 million data breach settlement
  • Aflac notifies SEC of breach suspected to be work of Scattered Spider
  • Former JBLM soldier pleads guilty to attempting to share military secrets with China
  • No, the 16 billion credentials leak is not a new data breach — a wake-up call about fake news (Updated)
  • Tonga’s health system hit by cyberattack (1)
  • Russia Expert Falls Prey to Elite Hackers Disguised as US Officials
  • Proposed class action settlement in In re Netgain Technology litigation
  • Qilin Offers “Call a lawyer” Button For Affiliates Attempting To Extort Ransoms From Victims Who Won’t Pay

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • The Markup caught 4 more states sharing personal health data with Big Tech
  • Privacy in the Big Sky State: Montana’s Consumer Privacy Law Gets Amended
  • UK Passes Data Use and Access Regulation Bill
  • Officials defend Liberal bill that would force hospitals, banks, hotels to hand over data
  • US Judge Invalidates Biden Rule Protecting Privacy for Abortions
  • DOJ’s Data Security Program: Key Compliance Considerations for Impacted Entities
  • 23andMe fined £2.31 million for failing to protect UK users’ genetic data

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.