A curated list of the top stories of the week concerning data leaks and digital threats.
By KTVZ Team, June 18, 2019, KTVZ
The Oregon Department of Human Services announced Tuesday it is sending notices by mail to approximately 645,000 clients, notifying them that their personal information was compromised during a previously announced January data breach. The DHS said it is providing 12 months of identity theft monitoring and recovery services, including a $1 million insurance reimbursement policy, to individuals whose information was accessible.
By Charlie Osborne, June 19, 2019, ZDNet
US medical bill and debt collector American Medical Collection Agency (AMCA) has filed for bankruptcy protection in the aftermath of a disastrous data breach. At least 20 million US citizens have been impacted by the security incident, in which the hacker responsible ransacked AMCA’s internal systems to pillage user data including names, Social Security numbers, addresses, dates of birth, and payment card information.
By Charlie Osborne, June 17, 2019, ZDNet
Mermaids UK has apologized for an “inadvertent” data breach which exposed private messages between the charity and the parents of gender variant and transgender children. Over 1,000 pages of confidential emails were leaked online, including “intimate details of the vulnerable youngsters it [the charity] seeks to help.” The letters, sent between 2016 and 2017, also contained the names, addresses, and telephone numbers of those reaching out to the charity.
By Jim Wilson, June 17, 2019, Safety Detective
A research lab discovered a leak online that exposed an elastic server containing 3GB of data with over 1.6 million users affected. The database exposed personal contact information and other PII for employers and job seekers alike. With ethnic background, gender, and other potentially sensitive information about high profile professionals, it may be possible for malefactors to utilize this as a method for blackmail, and they can also use this data for a massive phishing campaign.
By Abeerah Hashim, June 18, 2019, Latest Hacking News
The Missouri Southern State University (MSSU) has disclosed a security incident following a phishing attack. The security attack followed a phishing email that targeted several employees. The details contained in the emails and attachments with the compromised accounts included first names, last names, birth dates, phone numbers, email addresses, home addresses, and Social Security numbers.