February 2018 has been a relatively light month for data breaches. So far this year there have been 140 breaches total, with businesses accounting for 40.7 percent and the medical/healthcare sector accounting for 28.6 percent.
A nonprofit health system, health insurance company, and an international logistics company reported a data breach this month.
Here are the recent data breaches and settlements that made headlines in February 2018:
A Florida health insurance provider, CarePlus Health Plans, notified its members of a data breach after the company realized an error in mailing its Explanation of Benefits letters. Due to a series of programming and printing errors, the letters were mailed to the incorrect CarePlus member. Roughly 11,200 members’ information was exposed in this privacy breach. The information disclosed included member name, plan identification number and name, provider of service, and services provided. The company stated that it has no indication that any data has been inappropriately used.
The personal information of 2,600 people was exposed in a data breach by Massachusetts’ largest private employer. Nonprofit health system, Partners HealthCare, announced that it’s computer network was breached and may have revealed patients’ private information including Social Security numbers, names, diagnoses, and prescribed medications. This breach occurred because of malware getting onto the network. The company is offering free credit monitoring to breach victims whose Social Security numbers were exposed and has said it “is not aware of any misuse of patients’ health or personal information.”
In February’s largest data breach, the passports, drivers licenses and other documentation of 119,000 FedEx customers was found on an unsecured Amazon S3 server. The server was discovered by Kromtech Security Center, a German-based international IT investment and development company. It found scanned IDs from countries including the United States, Canada, Mexico, Australia, Japan, and more. Some of the information exposed were customer names, home addresses, telephone numbers, and zip codes. Despite sitting unprotected for 3 years, FedEx has said that there’s no indication of this data being misappropriated.
Be sure to check back next month for the latest major data breaches in 2018.