On July 17, this site reported on a leak by a vendor, Medico, Inc., that exposed 300,000 patients’ insurance billing-related records. Today, we report on another leak – this one by another vendor – that also exposed about 300,000 records. As part of their benefits offerings, companies often offer services to their employees to help…
Category: Breach Incidents
This London Firm Helps the Wealthy Hide Assets – or Steal Them. Luckily We Have 15 Years of Their Client Communications.
Barrett Brown writes: It is my cheerful duty to announce the acquisition of around 85 gigabytes of leaked emails, phone calls, faxes, and other documents originating from the London-based tax shelter firm Formations House, best known to the public for the assortment of often colorful scandals involving such figures as former Ukranian president Viktor Yanukovych,…
TN: Data breach of vendor puts personal info of TN high school students at risk
Carley Gordon reports: The Tennessee Higher Education Commission is currently investigating a possible data breach of a 3rd party vendor, that potentially has exposed personal information of thousands of public school students across Tennessee. The Commission is a state organization focused on assisting high school seniors in every element of accessing higher education. The Tennessee Higher…
Personal information for 70,000 Hawaii students potentially compromised
HNN reports: Personal information for as many as 70,000 public school students may have been compromised after a University of Hawaii vendor charged with overseeing a college and career planning website detected “suspicious” unauthorized access to one of its servers. […] The University of Hawaii’s P-20 Partnerships for Education provided the third-party vendor ― Graduation…
Victims of AMCA’s breach allege AMCA not helpful enough in incident response
The other day, I wondered aloud whether there was anything the American Medical Collection Agency (Retrieval Masters) could have done after they were hacked to keep their big clients like Quest Diagnostics and LabCorp. An interesting report by Marianne Kolbasuk McGee on BankInfoSecurity suggests that there might have been. McGee reports that newly submitted court…
OH: Edgepark Medical Supplies notifying 6,572 patients after a “password spray attack”
It appears that RGH Enterprises, Inc., d/b/a Edgepark Medical Supplies, has had another HIPAA breach. The first time they came to this site’s attention was in January, 2014, when they disclosed a 2013 malware incident that had gone undetected for nine months and potentially impacted 4,230 patients. Then in January, 2018, they notified HHS and…