Get Started Today!  732-747-9373   

Fotolia 68929807 M new

DeckerWright Corporation Blog

The Week in Breach: 11/20/19 - 11/26/19

cyber criminalsUnited States - Select Health Network

Exploit: Unauthorized Email Account Access
Select Health Network: Indiana-Based Collection of Healthcare Providers

An employee’s compromised email account credentials were used to access sensitive data for thousands of patients. The data was accessed between May 22 and June 13, and it’s unclear why it took the company so long to identify the breach and to report it to patients. Regardless, a small vulnerability will likely result in a sizable blow-back in the form of regulatory scrutiny, brand erosion, and potential financial repercussions.

United States - PayMyTab

Exploit: Accidental Data Exposure
PayMyTab: Hospitality Payment Platform

Cyber-security researchers located an unsecured Amazon Web Services bucket that contained the personal data for tens of thousands of PayMyTab users. Notably, the data packet was exposed because PayMyTab personnel failed to follow Amazon’s security protocols. Fortunately, the error was discovered by white hat hackers and was reported to the company, but the bucket had been exposed since July 2, 2018, giving bad actors plenty of time to locate and exploit the information first.

United States - Solara Medical Supplies

Exploit: Compromised Email Account
Solara Medical Supplies: Supplier of Diabetes-Related Treatment Products

An unauthorized third-party gained access to several employee accounts containing patient and employee data. The breach was first discovered on June 20th, and the compromised data was exposed between April 2nd and June 20th. In response, the company reset account passwords, and Solara is updating its policies to ensure that a similar scenario doesn’t occur again in the future. Unfortunately, such maneuvers won’t help patients whose data was already stolen in the breach. Moreover, the company’s lengthy response time will certainly invite increased regulatory scrutiny while giving consumers fodder for criticism during the recovery effort.

The Week In Breach: 11/13/19 - 11/19/19

Mobile? Grab this Article!

Qr Code

Latest Blog

United States - Select Health NetworkExploit: Unauthorized Email Account Access Select Health Network: Indiana-Based Collection of Healthcare ProvidersAn employee’s compromised email account credentials were used to access sensitive data for thousands of patients. ...

Account Login