Health insurer Humana recently began notifying an unspecified number of health plan members after detecting and blocking a credential stuffing attack against Humana.com and Go365.com. The attacks took place on June 3 and June 4 from overseas IP addresses. In a notification letter dated June 21, Jim Theiss, Humana’s Chief Privacy Officer, writes: On June 3,…
Category: U.S.
Associated Dermatology and Skin Cancer Clinic notifies patients after journal stolen from employee’s car
Associated Dermatology and Skin Cancer Clinic of Helena notified 1,254 patients of a breach of unsecured personal patient protected health information. On May 26, an Associated Dermatology employee learned that someone had broken into her car and taken a journal she had been keeping for personal use to assist her in her care of Associated…
Middletown Schools Hit With Ransomware Attack
Shawn R. Beals reports: The Middletown school district is working to restore access to its computer systems after discovering a ransomware virus Thursday that had locked the staff out. Ransomware is a type of computer virus that encrypts data, rendering it unusable. Typically, the virus demands a ransom payment in order to have access restored….
FBI: Man arrested at Rochester tanning salon stole photos, passwords from 150 victims
WHAM reports: A Rochester man previously charged with recording a woman at a tanning salon in Rochester without her permission may have stolen personal information and photos from as many as 150 victims, according to an FBI investigation. On December 7, 2016, investigators with the Rochester Police Department said a woman at the Zoom Tan…
Notre Dame de Namur University notifying financial aid applicants of data security incident
Notre Dame de Namur University is notifying some financial aid applicants that their information may have been compromised when an employee fell prey to a phishing attack. In its notification letter (reproduced below), Henry Roth, the Chief Financial Officer and VP of Administration, writes that the university learned of the possible compromise on May 18. Investigation…
Equifax Engineer Who Designed Breach Website Charged With Insider Trading
Catalin Cimpanu reports: The US Securities and Exchange Commission (SEC) has indicted a former Equifax engineer on charges of insider trading. According to court documents, Sudhakar Reddy Bonthu, 44, of Cumming, Georgia, worked for Equifax between September 2003 and March 2018. Starting September 2013, Bonthu worked as Production Development Manager of Software Engineering in Equifax’s…