It’s been more than a decade since DataBreaches covered any significant data breach involving the Aloha POS system, and back then it was owned by Radiant Systems. In 2011, NCR Corporation bought Aloha POS. Things were fairly quiet since then, if you don’t count NCR’s response to a zero day RCE vulnerability that NCR somewhat…
Category: U.S.
Lawsuit Claims Mount Nittany Health Shared Private Patient Information with Facebook, Google (update1)
Geoff Rushton reports: A lawsuit filed in Centre County Court this week alleges that Mount Nittany Health violated medical privacy rights by disclosing patients’ private information to Facebook, Google and other third-party websites without their knowledge. Ah. Another tracker lawsuit, right? What caught DataBreaches’ eye about this one was the following: … Mount Nittany has…
Patient Advances Data Breach Class Action Against Lamoille Health
Christopher Brown reports: Lamoille Health Partners Inc. must face a proposed class action alleging it negligently failed to protect the personal information of 60,000 people that was exposed in a data breach. Lamoille Health wasn’t entitled to immunity from suit under the Public Health Service Act because the lawsuit’s data breach allegations weren’t interwoven with…
Retina & Vitreous of Texas notifies 35,766 patients of ransomware attack but doesn’t call it one
On April 10, Retina & Vitreous Associates of Texas issued a press release about a security incident discovered in February. They write, in part, “On February 1, 2023, Retina & Vitreous became aware of unusual activity within its network and discovered that there had been unauthorized access to the environment…… On February 15, 2023, the investigation…
Guardsman arrested for leak of classified docs on Discord
Aric Toler, Michael Schwirtz, Haley Willis, Riley Mellen, Christiaan Triebert, Malachy Browne, Thomas Gibbons-Neff and Julian E. Barnes report: The leader of a small online gaming chat group where a trove of classified U.S. intelligence documents leaked over the last few months is a 21-year-old member of the intelligence wing of the Massachusetts Air National…
Over a Million Financial Records Exposed in Data Incident Involving NorthOne Bank
Jeremiah Fowler discovered yet another unsecured database. This one reportedly had more than one million financial records: The PDF documents that were made public included invoices from both individuals and businesses who used an app to pay for products and services. The invoices contained names, email addresses and physical addresses, phone numbers, and more. In…