Saritha Rai has more on the BigBasket breach reported this past week: Cyberattackers have stolen the personal details of million users of top Indian internet grocer Bigbasket, the latest e-commerce data breach to emerge as home-bound consumers flock online. Bigbasket co-founder and chief executive officer Hari Menon confirmed the attack, which was first reported by…
Category: Breach Incidents
Luxottica has a lot more explaining to do
Update: My source was correct. On November 12, HHS added Luxottica’s report to their public breach tool. Luxottica reported, as a business associate, that 829,454 patients were impacted by the August breach. In September, we learned that the eyewear giant Luxottica had suffered a massive ransomware attack that resulted in its suspending operations in both…
Almost 11 million patients impacted by Blackbaud incident — and still counting
Earlier this week, Marianne Kolbasuk McGee had a follow-up piece on the Blackbaud ransomware incident. As part of her update, she reported that Blackbaud would not provide answers when asked about the number or names of clients involved in the incident who had patient data or medical information of donors involved. McGee notes: A snapshot…
Lawrence General Hospital notifying patients of breach
Lawrence General Hospital in Massachusetts is notifying patients of a breach that occurred in September. In their disclosure, LGH notes that on September 19, they discovered a “data security incident that disrupted the operations of our IT systems.” Their investigation determined that an unauthorized party “may have accessed its IT systems between September 9, 2020…
“We take your privacy seriously,” Saturday edition
As part of my research collaboration with Protenus for their Breach Barometer reports, I spend time every week reaching out to entities to ask them for details about incidents if I cannot find any notice on their site or a state attorney general’s site. Most entities respond with the requested information or a copy of…
Statement from Universal Health Services
Updated Thursday, October 29, 2020, 4:30 pm ET — As previously disclosed on September 29, 2020, we experienced an information technology security incident in the early morning hours of September 27, 2020. As a result of this cyberattack, we suspended user access to our information technology applications related to operations located in the United States. While…