This month’s breaches started off with an Independence Day cyberattack of a popular, third-party social media app. The rest of the month saw retailers, healthcare organizations, the U.S. military, and an identity theft protection service get exposed.
Here are the recent data breaches that made headlines in July 2018:
This social media app became a target for hackers on July 4th. The names and email addresses of all 21 million Timehop users were exposed, and 4.7 million users also had there telephone number compromised.
Polar Fitness Trackers
After the Under Armour data breach earlier this year, the social platform of Polar Fitness Trackers, Polar Flow, revealed highly-sensitive personal and location data of military and counter intelligence personnel. This information exposed the location of military bases, embassies, airfields, nuclear storage sites, and intelligence agencies.
An unauthorized third party was able to obtain the personal information of online Macy’s shoppers. The retail giant has informed customers that their name, address, phone number, email address, birthday, and credit or debit card number with expiration dates were exposed.
U.S. Air Force
Classified data on the U.S. Reaper drone was leaked on the dark web after a hacker infiltrated an Air Force captain’s computer. Security researchers discovered the documents posted for sale on the dark web.
Nashville Metro Public Health
The confidential health and personal information of thousands of HIV patients sat unprotected on a government server for 9 months. Names, addresses, Social Security numbers, dates of birth, sexual preference, illegal drug use history, and more, were exposed in the Nashville Metro Public Health data breach.
UMC Physicians (UMCP)
Personal health information of more than 18,000 UMCP patients was exposed after an employee had their email account hacked. This latest healthcare data breach included names, addresses, phone numbers, medical record numbers, Social Security numbers, dates of birth, and insurance information.
LabCorp, the largest blood testing laboratories network in the U.S., had its IT system hacked by way of a ransomware infection. After detecting the breach, the company took its systems offline, affecting test processing and customer access to test results.
Boys Town National Research Hospital
More than 105,000 people are now at risk after Nebraska-based Boys Town National Research Hospital was breached. Again, this breach occurred after an employee’s email account was compromised.
The names, addresses, phone numbers, email addresses, and Social Security numbers of 662,000 people may have been exposed in a data breach of ComplyRight. A security vulnerability jeopardized tax forms from thousands of the company’s clients.
Millions of email addresses were exposed in a security flaw on the website of identity theft protection company, LifeLock. It’s been reported that this bug could easily allow anyone to index customer accounts, unsubscribe them from LifeLock communications, and conduct phishing attacks.
For the second time this year and in the largest healthcare data breach of the year, a phishing attack on UnityPoint Health compromised the records of 1.4 million patients. The organization’s first breach occurred back in April, exposing 16,000 patients. The data at risk this time includes names, addresses, medical records, insurance information, and in some cases payment card and Social Security numbers.
Be sure to check back next month for the latest major data breaches in 2018.