Richard Chirgwin reports: The Good Guys is the latest company to reveal that some of its customer leaked in a historical data breach at My Rewards. According to The Good Guys’ notification, the breach occurred at My Rewards, known at the time of the breach as Pegasus Group, a provider of loyalty program software and services….
Category: Subcontractor
Aviacode remains silent after 0mega dumps 200 GB of their files
On January 9, DataBreaches noticed that Aviacode had been added to the leak site for 0mega. Aviacode, which is part of GeBBS Healthcare Solutions, offers medical coding services, medical coding audits, coding denial management, clinical documentation improvement, and revenue cycle management for billings and claims. As such, it is often a business associate for HIPAA-covered…
Mscripts notifies 66,372 patients whose prescription information was in unsecured cloud storage for two years
“Thousands of pharmacies & millions of people use mscripts,” the mscripts website claims. “We provide a digital communication platform to help patients stay on track with their healthcare by delivering targeted messages through a mobile and web platform tied directly to the pharmacy dispensing system,” the California firm explains. mscripts is Cardinal Health’s mobile pharmacy…
Edgepark Medical Supplies notifies patients of Rise Interactive Media & Analytics data breach
RGH Enterprises, Inc. d/b/a Edgepark Medical Supplies (“Edgepark”) is an Ohio medical supplies provider that ships products directly to patients and bills their insurance for them. Rise Interactive Media & Analytics, LLC (“Rise”) is an Illinois firm that provides digital marketing services for Edgepark as a business associate. They also provide analytics and other services…
FL: Brooks Rehabilitation notifies patients of pixel tracking breach
On January 30, Brooks Rehabilitation (“Brooks”) in Florida disclosed that in December, they discovered tracking technology vendors that provide services to Brooks were able to view/access individually identifiable health information (IIHI) provided when a website user provided contact information or feedback via a Brooks website. The data transmitted could have included information such as name;…
Community Health Systems estimates 1 million patients impacted by vendor’s GoAnywhere breach
Sometimes our first report of a data breach comes in an 8-K filing to the Securities and Exchange Commission. Such is the case with a breach affecting Community Health Systems, Inc. in Tennessee. In its 8-k filing of February 13, CHS discloses that they were recently notified by Fortra, LLC, a third party vendor of…