Tracking Common Causes of Recent Health Data Breaches

April 1, 2019 | Bank Info Security

So far in 2019, business associates were reported to be involved in more than a quarter of the major health data breaches added to the federal tally. Those 27 incidents reported as involving BAs so far in 2019 impacted a total of nearly 690,000 individuals, according to the HHS site.

VPN provider Citrix hacked, up to 6TB of data accessed

March 11, 2019 | PC Magazine

Enterprise VPN provider Citrix has suffered a hack that may have stolen sensitive information about the company’s technology. A security firm that warned Citrix about the breach says the hackers stole at least 6TB of data and are part of an Iranian hacking group that’s targeted more than 200 organizations.

Marriott says as many as 500 million Starwood guests’ data may have been breached

November 30, 2018 | USA Today

As many as 500 million people who made reservations at Starwood properties may have had their personal information accessed in a breach that lasted as long as four years. An unauthorized party had copied and encrypted information from the database and had taken steps toward removing it, Marriott says.

Opus & Ponemon Institute announce results of 2018 third-party data risk study: 59% of companies experienced a third-party data breach, yet only 16% say they effectively mitigate third-party risks

November 15, 2018 | The Associated Press

According to the Opus and Ponemon study, 59 percent of companies said they have experienced a data breach caused by one of their vendors or third parties. In the U.S., that percentage is even higher at 61 percent — up 5 percent over last year’s study and a 12 percent increase since 2016.

Department of Defense Data breach exposes 30,000 employees

October 14, 2018 | Forbes

On October 4th, Pentagon officials were alerted to a data breach that affected its personnel. Unauthorized hackers gained access to personal information and credit card numbers. The data was accessed via a system that maintained travel records. That system was not operated by the Department itself but an unnamed third party contractor.

City of Tyler’s Click2Gov payment system breached

September 11, 2018 | Central Texas News

According to a press release from Tyler, TX Monday, the city was notified that an unknown third-party was able to gain access to payments made through the system the City uses to collect payments for utilities and municipal court fines and fees.

Breach Reveal: PG&E exposed 30,000 sensitive records and fined $2.7 million

August 28, 2018 | Data Breach Today

A previously unnamed U.S. energy company that agreed to a record $2.7 million settlement after it left 30,000 records about its information security assets exposed online for 70 days in violation of energy sector cybersecurity regulations has been named as California utility PG&E.

close close