The following is part of the notice Village Senior Services Corporation d/b/a VillageCareMAX posted on their website. Note that the attacker was apparently requesting names and Medicaid ID numbers, which makes me wonder what the plan for misuse was — insurance fraud, perhaps? VillageCareMAX (“VCMAX”) is providing notice of an incident that may affect the…
Category: U.S.
LabCorp website bug exposed thousands of medical documents
Zack Whittaker reports: A security flaw in LabCorp’s website exposed thousands of medical documents, like test results containing sensitive health data. …. This latest security lapse was caused by a vulnerability on a part of LabCorp’s website, understood to host the company’s internal customer relationship management system. Although the system appeared to be protected with a…
Beaumont investigating security breach of 1,200 patient files
Sarah Rahal reports: Beaumont Health officials are investigating a security breach by a former employee who accessed patient information, hospital officials said Saturday. Beaumont notified 1,182 individuals about the incident on Friday saying a now-former employee had unauthorized access of patient information. The employee, who was terminated, is suspected of disclosing information to an individual working…
TX: Hackers Stole $10.5 Million From Richardson Company: Feds
Scott Gordon reports: Hackers stole $10.5 million from a Richardson real estate software company with the help of “money mules” – dozens of Americans who unwittingly accepted fraudulent money into their accounts, transferred it to those behind the scheme, and kept a cut for themselves, according to court documents. The company, RealPage, contacted the Dallas…
Iowa DHS data breach: Boxed for shredding, documents were dumped by janitor instead
Andrea May Sahouri reports: The Iowa Department of Human Services reported Friday a data breach that occurred in November involving personal information of 4,784 individuals related to income maintenance and social work cases in Dallas County, according to a DHS news release. A contracted custodial company mistakenly emptied boxes containing documents to be shredded into the office’s…
Fired computer programmer gets prison time for cyberattack against ex-employer in Oregon
Maxine Bernstein reports: A man fired from a McMinnville-based digital marketing company was sentenced Wednesday to a year and a day in federal prison for launching a cyberattack against his former employer. Kristopher Ives began working for Gearbox Studios in March 2010 as a computer programmer and later as its lead programmer for server architecture…