On February 15, 2018, UnityPoint Health discovered our email system was the victim of a phishing attack that compromised some employee email accounts. UnityPoint Health promptly took action to secure the impacted email accounts, changed passwords, and engaged external cybersecurity professionals to analyze what information might have been contained in the impacted accounts. After a…
Category: U.S.
La: Former medical assistant, 7 others jailed in connection with prescription fraud
Littice Bacon-Blood reports: A former medical assistant at a children’s clinic and seven others have been arrested and jailed in connection with a fraudulent prescription drug ring for opiate-based medication, authorities in St. John the Baptist Parish announced Friday (April 13). Authorities at the St. John Sheriff’s Office accuse the medical assistant, identified by authorities as…
Mise En Place Restaurant Services, Inc. Notifies Clients, Individuals Following Cyberattack
Sometimes I see a press release subject line and incorrectly assume it will be about customer data. This one from April 13 is more serious, it seems: Mise En Place Restaurant Services, Inc. (“MEP”) announced today that it was subject to a ransomware attack, which may have potentially exposed some information of clients and individuals….
Mount Ida students’ records shared without their permission
This may be more a matter for PogoWasRight.org than this site, so I’ll cross-post it over there. Laura Krantz reports: Students and parents at Mount Ida College say they are furious because the college shared their private records with UMass Dartmouth without their permission, amid a controversial plan to shut down the college and offer…
Blue Shield of California notifies members of privacy breach
As submitted to the California Attorney General’s Office: On March 23, 2018, the Blue Shield of California (Blue Shield) Privacy Office received confirmation that your Protected Health Information had been shared with an insurance broker who was not authorized to receive it. The disclosure occurred in November 2017, during the 2018 Medicare Annual Enrollment Period,…
College Consultants’ Client Information Was Exposed on Web Servers
Fernanda Zamudio-Suaréz reports: User names, email addresses, phone numbers, and other information belonging to independent college consultants who used CollegePlannerPro from 2015 to 2017 were freely available to anyone on web servers used by the software company. An anonymous tip sent to The Chronicle on Thursday pointed out a hyperlink that anyone could use to…