Update 1: And now add Seacoast Pathology, (9,300 affected) to the 20,000 described in the original post below, and the approximately 21 million disclosed last month. Update 2 (July 21): And now add American Esoteric Laboratories (541,900), CBLPath, Inc. (148,900), and Natera (unspecified number) to the list and tally. Update 3 (July 22): And now…
Category: Hack
Equifax to Pay Around $700 Million to Resolve Data-Breach Probes
AnnaMaria Andriotis reports: Equifax is nearing a deal to settle a slew of state and federal investigations into a 2017 data breach that exposed nearly 150 million Americans’ Social Security numbers and other sensitive personal information. Under the agreement, the credit-reporting firm would pay around $700 million to settle with the Federal Trade Commission, the…
Personal data of users on 1111 job bank leaked on overseas forum
Liu Chien-pang and Ko Lin report: Taiwan job bank 1111 confirmed Friday that the personal data of its online members was hacked and leaked to a foreign-based hacker forum, and the case is now being investigated by local authorities. Henry Ho (何啟聖), vice president of 1111 job bank, said the scope of the personal data…
Slack resets user passwords after 2015 data breach
Zack Whittaker reports: Slack will reset the passwords of users it believes are affected by a historical data breach that affected the company more than four years ago. In 2015, the company said it was hit by hackers who gained access to its user profile database, including their scrambled passwords. But the hackers inserted code…
Victims of AMCA’s breach allege AMCA not helpful enough in incident response
The other day, I wondered aloud whether there was anything the American Medical Collection Agency (Retrieval Masters) could have done after they were hacked to keep their big clients like Quest Diagnostics and LabCorp. An interesting report by Marianne Kolbasuk McGee on BankInfoSecurity suggests that there might have been. McGee reports that newly submitted court…
OH: Edgepark Medical Supplies notifying 6,572 patients after a “password spray attack”
It appears that RGH Enterprises, Inc., d/b/a Edgepark Medical Supplies, has had another HIPAA breach. The first time they came to this site’s attention was in January, 2014, when they disclosed a 2013 malware incident that had gone undetected for nine months and potentially impacted 4,230 patients. Then in January, 2018, they notified HHS and…