Skip to main content

Here’s the latest installment of the Hacks, Attacks and Breaches cybersecurity news update.

The Logically team provides top cyber security stories every week to keep you up to date on the latest news headlines on cybersecurity, hacking, computer security, ransomware and other cybersecurity threats.

Kaiser Permanente
Exploit
: Credential Compromise
Kaiser Permanente: Healthcare Provider 

Risk to Small Business: A data breach at healthcare and insurance giant Kaiser Permanente has exposed the personal information and health data of patients in the state of Washington. The company says that an unauthorized party gained access to its systems through a compromised employee email account in April 2022. The U.S. Department of Health and Human Services Office for Civil Rights reports that 69,589 records were potentially exposed as a result of the email security slip-up at Kaiser’s Washington unit. 

How it Could Affect Your Business: This will be an expensive employee mistake (and training failure) once regulators get finished with penalties for this incident.

Comstar
Exploit:
 Hacking
Comstar: Medical Billing Service 

Risk to Small Business: U.S. ambulance billing service Comstar has disclosed that it has exposed sensitive information belonging to medical patients. The company stated that it notices suspicious activity in March 2022, and an investigation determined that certain systems on Comstar’s network were subject to unauthorized access, but investigators were ultimately unable to confirm what specific information on those systems was accessed.

How it Could Affect Your Business: Any breach that involves healthcare data is going to cost the company a pretty penny in cleanup and fines.

Robert Half
Exploit: Credential Stuffing
Robert Half: Staffing Company

Risk to Small Business: Robert Half has determined that more than 1000 job seekers and employees placed by the firm had their accounts accessed by an unauthorized source between April 26 and May 16, 2022, exposing potentially sensitive information that may have been stolen. The company says that there is no evidence that the information was accessed or downloaded, and current users are required to update their passwords.

How it Could Affect Your Business: Teaching employees to make good, strong passwords and handle them safely with security awareness training prevents problems like this.

Eyecare Leaders
Exploit
: Hacking
Eyecare Leaders: Medical Records Service 

Risk to Small Business: An estimated two million eyecare patients may have had their personal and health data exposed by medical billing service Eyecare Leaders. 1.3 million of those patients sought treatment at Texas Tech University Health Sciences Center. The company, provider of the myCare Integrity electronic medical record platform has disclosed that it suffered a data security incident in December 2021 that resulted in “the deletion of databases and systems configuration data”. Over 20 other eyecare practices have also had patient data exposed in this incident.  

How it Could Affect Your Business: Service providers can be a source of data breach risk and an incident like this will be very expensive for every organization involved.