Pharmacy giant Rite Aid receives online paystubs, W-2s, and self-service applications from Equifax. In early March, Equifax notified Rite Aid that it had detected suspicious activity on some Rite Aid employee accounts. Equifax’s investigation resulted in a subsequent notification to Rite Aid on April 30 that an employee had misused their privileged access to reset…
Category: Of Note
Updates on OPM breach(es)
Some bits ‘n pieces of the follow-ups on the OPM hack… Malia Zimmerman reports: In addition to data from the OPM breach, Roberts said a new OWL search has uncovered another 9,500 government log-in credentials stolen this week from a variety of county, state and federal agencies across the nation, for everything from the Obamacare…
NY: 18,000 North Shore University Hospital- LIJ patients notified 8 months after data theft at business associate’s offices
Candic Ruud reports: The North Shore-Long Island Jewish Health System is warning about 18,000 patients that their personal, health and insurance information is at risk due to a potential data breach. Five laptops were stolen last September from the offices of Global Care Delivery, a Texas-based firm that contracted with North Shore-LIJ and other providers…
Sex, lies and debt potentially exposed by OPM hack
Arshad Mohammed and Joseph Menn report: When a retired 51-year-old military man disclosed in a U.S. security clearance application that he had a 20-year affair with his former college roommate’s wife, it was supposed to remain a secret between him and the government. The disclosure last week that hackers had penetrated a database containing such…
Private medical data of 6,600 Texans was exposed on Internet for up to 8 years
J. David McSwane reports: Confidential medical records of more than 6,600 Medicaid patients in Texas were unintentionally made public for up to 8 years via the Internet by the Department of Aging and Disability Services. The agency, which is charged with assisting some of the state’s most vulnerable people, became aware of the breach in…
Missing Link Network breach affects winery clients (update3)
Missing Link Network, the e-commerce provider for a number of wineries, notified its clients on May 27th of a breach that occurred between April 1 and April 30. The breach resulted in the attacker gaining access to customers’ names, addresses, dates of birth, and payment card data. Affected clients include (links go to their notification…