A&A Services, which does business as Sav-Rx, is notifying 2,812,336 patients of a hacking incident in October 2023. According to its submissions to the California and Maine attorneys general, Sav-Rx detected an interruption to their network on October 8, 2023. By the next day, their IT systems were restored and prescriptions were shipped on time…
Author: Dissent
Notice of Security Incident – The New Yorker
The New Yorker decided to make fun of security incident notices in a piece by Jay Katsir. From the notice’s “What Happened?” section: In or around November or February, 2018/24, we detected suspicious activity within our system. It was not like in the movies, where a big red “ALERT” message flashes onscreen, but there was…
Ca: New online breach reporting forms for federal institutions and businesses
From the Office of the Privacy Commissioner of Canada, May 24: The Office of the Privacy Commissioner of Canada (OPC) has launched a new online breach reporting form for federal institutions subject to the Privacy Act as well as updated its online breach reporting form for businesses subject to the Personal Information Protection and Electronic Documents Act (PIPEDA). The new online form for…
More than 540,000 patients notified so far about Cencora/Lash Group data breach (9)
– Only partial numbers so far – Only partial list of clients so far – No group has as yet claimed responsibility for the hack and data exfiltration As the week draws to a close, clients of Cencora and The Lash Group have been submitting breach notifications to state attorneys general. DataBreaches reported in February…
American Clinical Solutions: Over 400,000 Medical Records in the Hands of RansomHub
Marco A. De Felice aka @amvinfe reports: The RansomHub group made headlines last February when, following a cyberattack on Change Healthcare, they disrupted operations for several weeks. Change Healthcare is the largest U.S. provider of revenue and payment cycle management, connecting payers, providers, and patients within the American healthcare system. A week ago, a RansomHub affiliate successfully…
Sg: Software firm fined $74k for data breach caused by weak password; half a million users affected
Ang Qing reports from Singapore: A company running online language lessons for children around the world used a password based on its website name, LingoAce, making it vulnerable to the data breach that resulted. More than half a million users were affected. Among personal data compromised were the cellphone numbers, bank account numbers, signatures and…