Rachel Yonkunas reports: Multiple investigations are underway after a contact tracing data breach exposed personal health information of 72,000 Pennsylvanians. The unsecured information was collected by employees of Insight Global—the company paid around $30 million in taxpayer money to perform contact tracing in the state. “You could see people’s phone numbers, how many kids they…
Category: Subcontractor
Thrifty Drug discloses security breach
Thrifty Drug Stores Inc., which does business as Thrifty White, is notifying customers about a security breach. Thrifty Drug in a statement said it worked with a business associate, Capture Rx, that discovered certain files on its system were accessed without authorization in February. Read more on Bismarck Tribune.
Blackbaud ransomware incident: update to education sector impact
Data from the Blackbaud incident continues to dribble in. Marco A. De Felice continues to track the incident as it impacted the education sector and he has another update: UPDATE (3) of 30.04.2021 Total number of people involved 7,975,221 (+66,641) In the update of 30.04.2021, 7 new Institutions affected by the Blackbaud Data Breach are…
School Nutrition Vendor Sued for Compromise of 867,209 K-12 Student Records
Linn Freedman of Robinson + Cole writes: PCS Revenue Control Systems, Inc. (PCS) was hit with a proposed class action lawsuit last week alleging that it discovered a data breach from a hacking attack in December 2019 but failed to notify the affected students until March of 2021. According to the lawsuit, student information was…
Yale New Haven Health impacted by data breach at radiation software vendor
ABC17 reports: A data breach has impacted Yale New Haven Health. On Friday, the healthcare system announced that Smilow Cancer Hospital at Yale New Haven is among many hospitals nationwide that were impacted by software issues at Elekta. Elekta is the company that provides the software to run linear accelerators for radiation treatment of cancer…
Celsius email system breach leads to phishing attack on customers
Lawrence Abrams reports: Cryptocurrency rewards platform Celsius Network has disclosed a security breach exposing customer information that led to a phishing attack. Today, Celsius CEO Alex Mashinsky stated that Celsius’ third-party marketing server was compromised, and threat actors gained access to a partial Celsius customer list. Read more on BleepingComputer.