CYBER BREACH MONDAY: (This information was first published in the Aug. 3 edition of Inside Security)
Cub Pharmacies (Minn.): undisclosed number of victims; PHI stolen by looters during recent protests.
Gravitas (Auckland, N.Z.): data on an undisclosed number of police complainants; information was disclosed in a Nigerian-linked breach.
Kiwibank (Wellington, N.Z.): 4,200 breach victims; bank sent customers emails or statements that included their account number, name, and address, but another person's transaction history.
Sheldon Independent School District (Houston, Tex.): undisclosed number of breach victims; current and former staff and students had their names, years in school, school names, teacher names, sex, race, test scores, and English language proficiency information exposed in a network breach.
Vermont's Tax Department: undisclosed number of taxpayers; the department exposed three years' worth of tax return data due to a bug in its online filing site.
The following breaches of protected health information (PHI) were recently reported to the Department of Health and Human Services:
Allergy and Asthma Clinic of Forth Worth (Tex.): 69,777 individuals affected by a network server hacking/IT incident.
Beaumont Health (Mich.): 6,073 individuals impacted by an email and network server hacking incident.
Elkins Rehabilitation & Care Center (W.V.): 3,127 individuals affected by an email hacking incident. Elkins first discovered the breach in February 2019 but took almost 1.5 years to report it.
Highpoint Foot & Ankle Center (Pa.): 25,554 individuals affected by hacking/IT incident of a network server.
Mountain Peaks Family Practice (Utah): 1,505 individuals impacted by the unauthorized access/disclosure of paper records.
Walgreen (Ill.): 72,143 individuals affected by the theft of a portable electronic device.
As reported in Inside Security:
- A data breach costs a U.S. company, on average, $8.6M, which is double the global average cost of $3.9M. Read more...
- Beauty products firm Avon has exposed more than 7 GB of sensitive data, including 19 million records, on an unsecured server. Read more...
- The Nefilim ransomware group has posted 14 GB of data stolen from refrigeration firm DKA, a subsidiary of Germany multinational firm Dussman Group. Read more...
- Pivot Technology Solutions, a Canadian managed service provider, suffered a ransomware attack that compromised sensitive data. Read more...