Kartikay Mehrotra and Alyza Sebenius report that the timing of the attacks exploiting vulnerabilities in Microsoft Exchange right before Microsoft could push patches out has Microsoft considering whether there was some leak that alerted the hackers: Microsoft is now investigating the possibility of a leak that may have triggered these mass Exchange compromises ahead of…
Category: U.S.
Overseas Service Corporation notification of a breach
Another report we may not see on HHS’s public breach tool but that involves health information. This reads like it is a notification to employees based on the types of data involved, but it doesn’t actually say who the breach impacted. Overseas Service Corporation (“OSC”) announced today a phishing email incident that involved a small…
Personal information of over 50,000 Premier Diagnostics customers exposed on unsecured server
Diego Romo reports: A Consumer privacy watchdog, “Comparitech,” found that Lehi based company Premier Diagnostics was storing sensitive customer information on a publicly accessible server, leading to a potential data breach for over 50,000 customers. “This data could be in anyone’s hands now,” said Paul Bischoff, editor of comparitech.com. “So, your ID and your medical card are probably…
Multi-state settlement in 2019 American Medical Collection Agency breach
New York Attorney General Letitia James today announced an agreement between a bipartisan coalition of 41 attorneys general from around the nation and the Westchester County debt collection agency Retrieval-Masters Creditors Bureau, d/b/a American Medical Collection Agency (AMCA), that resolves a multistate investigation into the company’s 2019 data breach. The breach exposed the personal information —…
Cyber attack causes systems outage at Molson Coors
Yesterday, WTMJ reported: Molson Coors was the target of a cyber attack, the company confirmed to WTMJ on Wednesday. The brewery experienced a “systems outage due to a cyber-security incident,” according to Adam Collins, the company’s chief communications and corporate affairs officer. While some outlets questioned whether the attack might be related to the Microsoft…
Walmart: Notice of Data Security Incident
On February 16, 2021, Walmart was informed by one of its suppliers that a data hosting service they used was compromised on January 20, 2021. An unauthorized party accessed the service and stole records from that service provider. Some of those records included information about a confined number of Walmart pharmacy patients. Walmart’s information systems…