Annie Burky reports: Amazon-owned PillPack reported a cybersecurity attack affecting the accounts of nearly 20,000 customers. An unauthorized person used customer emails and passwords to log into PillPack customer accounts, over 3,000 of which contained prescription information. Social Security numbers and payment information were not involved in the attack, according to the online pharmacy. Read…
Category: Health Data
Phishing attack affects Texas patients; at least 130,000 impacted
DataBreaches.net has noted some reports this week involving an unnamed business associate that discovered a phishing attack in January of this year. The most recent disclosure was spotted on the website of South Texas Health System for its South Texas Health System – Edinburg facility. The May notice can be read at and reads, in…
Hacker attack Asl Abruzzo, Guarantor: downloading data is a crime
A press release (machine translated) from the Italian data protection regulator, Garante per la Protezione dei Dati Personali: With reference to the recent hacker attack suffered by Asl 1 Abruzzo, the Guarantor for the protection of personal data reminds that anyone who comes into possession or downloads data published on the dark web by criminal…
AG Platkin Co-Leads $2.5-Million Multistate Settlement with EyeMed Over 2020 Data Breach
NEWARK–Attorney General Matthew J. Platkin announced today that New Jersey is co-leading, with Oregon and Florida, an overall $2.5-million settlement with EyeMed Vision Care (“EyeMed”) that resolves an investigation into a data breach that compromised the personal and medical information of approximately 2.1 million people, including more than 52,000 from New Jersey. Pennsylvania also joined…
HHS Office for Civil Rights Settles HIPAA Investigation with Arkansas Business Associate MedEvolve Following Unlawful Disclosure of Protected Health Information on an Unsecured Server for $350,000
As background: this case began with someone finding an unsecured FTP server owned by MedEvolve. He reported it to DataBreaches. This site first reported on the leak in 2018. This site also reported when MedEvolve issued a statement months later, and again two years later when HHS got them to notify patients. Today, the U.S….
Patients concerned after local allergy clinic closes its doors because of alleged data breach
KOCO reports: A local asthma and allergy clinic has closed its doors because of an alleged security data breach. Patients are now concerned that their medical records may have been compromised. Several patients have told KOCO that they are in need of asthma medication from the Oklahoma Institute of Allergy Asthma and Immunology but have…