While most of us have been hitting the beach, embarking on road trips, and enjoying our summers, it’s clear that hackers and identity thieves haven’t gone on vacation or taken any time away from criminal activity. In fact, they’ve been hard at work targeting various companies around the country, looking for all types of sensitive, personal data to steal.
Here are the recent data breaches that were making headlines in August 2016:
We’ve told you about countless breaches at various retail locations, restaurants, stores, and hotels in recent years — but a breach uncovered in August 2016 at Oracle Corp. may be the original, compromised source everyone has been looking for. Oracle is a huge software company, and they own the widely-used MICROS point-of-sale system that’s operates in more than 330,000 cash registers around the world.
The problem was uncovered by security expert, Brian Krebs, and it looks like hundreds of company computers, as well as an online support portal, were breached. Though it hasn’t been confirmed, many other experts are buzzing that there’s a good chance the hackers also uploaded malware into the point-of-sale systems, giving them the ability to steal credit and debit card numbers.
Healthcare data breaches are becoming more and more common, and a breach at a company that issues healthcare ID cards is among the most recent. Newkirk Products announced that 3.3 million of its health insurance plan customers had member information stolen when a server was accessed without authorization. It doesn’t look like the information has been used in a fraudulent way yet, but thieves were able to obtain a broad range of personal data including names, addresses, health insurance plan information, and dates of birth.
Bon Secours Health System
The healthcare industry saw another data breach in August, but it was slightly different — and shows that not all data breaches involve hackers. The Bon Secours Health System, which is headquartered in Maryland and has all types of facilities in six states, discovered that a vendor they hired accidentally published more than half a million patient records online.
The vendor, R-C Healthcare Management, inadvertently made approximately 655,000 patient records available on the Internet during a four-day period from April 18-21, 2016. The breach was discovered by Bon Secours in June 2016, and they notified the public in August 2016. The compromised information included patient names, names of their insurance companies, health insurance identification numbers, Social Security numbers, “and limited clinical information,” according to a Bon Secours press release. Currently, there’s no evidence that the sensitive information was stolen or misused in any way.
Check back next month to stay up to date on the most recent data breaches