Facebook
week15-2022-min

Here’s your weekly #databreach news roundup:

Contra Costa County, Bob’s Red Mill, Adaptive Health Integrations, Shiseido UK, Lakeview Loan Servicing, and Geico.

Contra Costa County

Extremely sensitive private information belonging to residents of Walnut Creek and elsewhere in Contra Costa County may have been stolen last year during a data breach, the county warns.

The breach happened at the county’s Employment and Human Services Department. The potentially pilfered information included names and one or more of the following: Social Security numbers; driver’s license or state-issued identification numbers; financial account numbers; passport numbers; medical information and health insurance information.

The breach happened between June 24 and August 12, 2021.

Bob’s Red Mill

week15-2022-bobs-redmill

The company behind a popular American brand of whole-grain foods has notified its online customers that their personal data may have been exposed in a recent cyber-attack.

Bob’s Red Mill Natural Foods issued a data breach notice on April 15 after learning that it had fallen victim to a data scraping cyber-attack that began two months ago.

“We recently learned that, between February 23 and March 1 2022, malicious software was used to “scrape” purchase-related information entered into our website,” said the company, which is headquartered in Milwaukie, Oregon.

The company said that data entered into its website is usually sent directly to the company’s payment processor via secure protocols. However, unidentified cyber-attackers used malicious software to divert the information.

Adaptive Health Integrations

week15-2022-adaptivehealthintegrations

n Adaptive Health Integrations data breach has recently been reported to the Department of Health and Human Services’ Office for Civil Rights (OCR) that involved the protected health information (PHI) of 510,574 individuals.

Adaptive Health Integrations is listed as a Williston, North Dakota-based provider of LIS software services and billing/revenue services to laboratories, physician offices, and other healthcare companies. The notification letters, a copy of which was found on the Montana Attorney General website, state that the company recently became aware that an unauthorized individual had gained access to its system on or around October 17, 2021, and may have accessed “a limited amount of data stored on our systems.”

Shiseido UK

week15-2022-ShiseidoUK

THE DETAILS Information that was exposed in the breach is said to include addresses, passport and ID images, and bank details. 

According to beauty industry watchdog Estee Laundry, the company failed to advise employees, with Shiseido’s management and HR department reportedly denying responsibility and “refusing to contact ex-employees to alert them.”

Some employees are said to have been victims of fraud, with the details being used to open fraudulent businesses as well as taking out loans and insurance. 

Lakeview Loan Servicing

week15-2022-Lakeview Loan Servicing

Lakeview Loan Servicing discloses a manor data breach that remained concealed for more than a month affecting the personal information of over 2 million customers.

The company, which claims to be the fourth-largest servicer in the country, stated in public disclosures that the breach affected 2,537,261 borrowers between Oct. 27, 2021, and Dec. 7, 2021, and was discovered in early December. According to the letters, an unauthorized person gained access to the firm’s servers and information, including names, addresses, loan information, and Social Security numbers. One of the notices described the occurrence as an “external system breach (hacking).”

Geico

Insurance giant Geico mailed notifications of a data breach to its customers last week, indicating that an unknown number of driver’s license numbers were compromised during a six-week period early in the year. The notification advised Geico customers that these numbers might be used for fraudulent unemployment claims, urging them to be on the lookout for unusual or suspicious communications from the state government.