Hair Free Forever (HFF) appears to have suffered an insider-wrongdoing breach involving a now-former employee using patient information to solicit patients for another business. HFF’s notification letter suggests they are covered by HIPAA. The number of patients affected by the breach is not disclosed in the template notification letter submitted to the state attorney general’s office,…
Category: Breach Incidents
Elmcroft Senior Living notifies residents and family members of hack
Elmcroft Senior Living is notifying an unspecified number of residents of a hacking incident that occurred on May 10 and that was discovered on May 12. According to a template of their notification letter submitted to the California Attorney General’s Office, the May 10 hack included files containing personal information about residents or their family…
MI: Holland Eye Surgery & Laser Center notifies 42,200 patients about 2016 hack
After his victim allegedly didn’t respond to his repeated demands for a “security fee,” a hacker accuses the victim of covering up a hack for almost two years. One of the breaches added to HHS’s public breach tool this past week is a breach reported by Holland Eye Surgery and Laser Center in Michigan. The…
Aflac says agent emails were hacked, exposing personal information of clients
WXYZ reports that American Family Life Assurance Company of Columbus (Aflac) has issued a press release concerning the breach of independent contractor sales agents’ email accounts. The breach has reportedly affected some clients’ personal information. WXYZ reports: Clients’ personal information such as names, addresses, dates of birth, policy numbers, social security numbers and bank account information…
Humana notifies members after it detects suspicious behavior in its interactive voice response system
Here’s something we don’t see everyday, and it involves Kentucky-based health insurer Humana. Humana’s technology team became suspicious after there were a number of calls to an 800 number of Humana’s that involved their Interactive Voice Response system where the caller was able to authenticate as a member by providing date of birth, zip code, and…
Insurance startup leaks sensitive customer health data
Zack Whittaker reports: A software startup that provides independent insurance brokers with customer management software has exposed highly sensitive information on thousands of insurance policy holders. A vast cache of data was stored on Amazon S3 storage bucket by AgentRun, a Chicago, Ill.-based company founded in 2012 by Andrew Lech, a former independent insurance broker….