VPNMentor reports that Tech Data Corporation sprung a major leak…. The research team at vpnMentor discovered a major data leak at the Tech Data Corporation (NASDAQ: TECD), a Fortune 500 company providing tech products, services, and solutions globally. vpnMentor’s researchers, led by security researchers Noam Rotem and Ran Locar, identified the consequential data breach that exposes…
Category: U.S.
Sock company Bombas fined by NYS for delayed notification of data breach
There’s a follow-up to the Bombas breach that was previously reported on this site. Laura Italiano reports: Sock-maker Bombas has settled the most uncomfortable data-breach probe in the history of feet. New York Attorney General Letitia James on Thursday announced that Bombas LLC — whose ads call their products “the most comfortable socks in the…
Massive Security Flaw Detected on Baltimore County Schools’ Digital Platform, Exposing Highly Sensitive Information on Students and Staff Members
Ann Costantino reports: A massive security flaw has been detected that allowed unrestricted access to highly sensitive records pertaining to students, staff and internal school system data on a Baltimore County Public Schools (BCPS) public facing website. The system’s BCPS One/Schoology platform, where students are able to access classes, grades and academic resources online, is…
Aetna first notifying 238 Virginia employees of BenefitMall breach that they’ve known about since December, 2018?
In January, 2019, we learned about a breach at Centerstone Insurance and Financial Services, Inc. d/b/a BenefitMall, a business associate. The breach reportedly affected more than 111,000 insurance members/covered employees of the vendor’s clients. HIPAA Journal covered the incident. Yesterday, Aetna issued a public notice related to the incident. Surprisingly, their notice discloses that by…
Kansas hospital pays $250K to settle charges it falsified EHR security risk assessment
Nathan Eddy reports: Coffey Health System, a 25-bed critical access hospital in Kansas, has agreed to pay a $250,000 settlement for alleged False Claims Act violations related to its meaningful use attestation. Specifically, the U.S. Department of Justice charged that the hospital falsely attested that it had conducted the necessary security assessment to comply with…
Unsurprisingly, big numbers from the AMCA breach are starting to be revealed
On May 10, when DataBreaches.net first reported that the American Medical Collection Agency had been breached, we reported that information from 200,000 payment cards had been found for sale on a top-tier market by Gemini Advisory analysts, whose investigation linked those cards to AMCA. At the time, we did not know how many other payment…