Everyone from municipalities to higher education and healthcare companies reported data breaches this month, once again proving that it’s not a matter of if, but when, your company will come under attack.
Here are the recent data breaches that made headlines in May 2018:
City of Goodyear
After a citizen of Goodyear, AZ, recognized fraudulent activity on their bank account, the city found a breach of its utility bill pay systems. In response, Goodyear took its payment system offline as it addressed the source of the data breach. About 30,000 utility customers could be impacted as a result.
On May 11, the popular restaurant chain Chili’s announced a data breach that compromised customers’ debit and credit card information. Hackers used malware to steal payment card information between March and April of this year.
This popular travel website for booking European getaways experienced a 3-month data breach from November 2017 to mid-February 2018. In similar fashion to the Chili’s breach, hackers used credit card-skimming malware on Rail Europe’s website to capture payment card numbers, expiration dates, and verification codes. The cybercriminals were also able to capture customer names, gender, email and physical addresses, phone numbers, and usernames/passwords.
A provider of speech recognition software for healthcare companies, Burlington, MA-based Nuance Communications experienced a data breach exposing 45,000 patient records. The breach occurred when an unauthorized former employee hacked into the company’s medical transcription platforms. The information accessed included names, dates of birth, medical records, and treatments received. Those patients affected have been notified.
University at Buffalo
Higher education institutions are one of the main targets for hackers and cybercriminals. In the latest successful attack, the University at Buffalo was breached after the login information of more than 2,500 students, alumni, and staff was stolen.
In the month’s largest healthcare data breach, Baltimore-based LifeBridge Health announced a breach that exposed the personally identifiable information of 500,000 patients. The breach occurred as a result of a cyberattack in September 2016, and exposed individual’s names, addresses, birth dates, insurance information, and Social Security numbers.
Aultman Health Foundation
A phishing attack on Ohio-based Aultman Health Foundation has exposed the information of 42,600 patients across 25 physician practices. Patients who had their driver’s license and/or Social Security number exposed have been offered a year of free identity theft protection.
Be sure to check back next month for the latest major data breaches in 2018.