October 12 – NEW YORK – New York Attorney General Letitia James today secured $1.9 million from e-commerce retailer, Zoetop Business Company, Ltd. (Zoetop), for failing to properly handle a data breach that compromised the personal information of tens of millions of consumers worldwide and for lying about the scope of the breach to consumers. Zoetop, which…
Category: Breach Incidents
Eventus WholeHealth notifies patients of breach
Eventus WholeHealth, PLLC (“Eventus”) provides integrated primary care and mental health services to medically vulnerable adults. In a press release issued this week, they disclose a breach involving protected health information. “On June 1, 2022, we observed suspicious activity associated with a single Eventus email account, despite multifactor authentication on the account.” Comment: That statement…
United Health Centers of the San Joaquin Valley reaches agreement to settle data breach litigation
The Business Journal reports: A class action settlement has been reached in a lawsuit against United Health Centers of the San Joaquin Valley. The case, pending in Fresno County Superior Court, stems from an Aug. 28, 2021 data breach where United Health Centers (UHC) patient information including birth dates, Social Security numbers, diagnosis information codes, financial…
Mars k-12 district in Pennsylvania victim of ransomware attack; data leaked
The Vice Society added more schools to their “partners” leak site yesterday. One of them is the Mars Area School District in Pennsylvania. According to niche.com, MASD is a k-12 district with 3,334 students. In a notice posted on the district’s website on October 3, Superintendent Gross described the progress the district was making in…
Johnson Fitness and Wellness hit by DESORDEN Group
In what has become a familiar event, DESORDEN Group announced yet another attack on a multinational corporation. This time, their target was Johnson Fitness and Wellness, a subsidiary of Johnson Health Tech. Co., Ltd. Johnson Health Tech manufactures exercise training equipment and is listed on the Taiwan stock exchange; Johnson Fitness is headquartered in the…
Talbert House settles litigation stemming from 2021 breach
In July and September of 2021, DataBreaches reported on a breach involving Talbert House in Ohio. DataBreaches had discovered data from Talbert House advertised on Marketo. The data from the non-profit agency included clients’ and employees’ files, as well as data from third parties and partners. Of note, DataBreaches reported that the Marketo listing had…