Top 5 Cybersecurity Breaches in January

Despite all of the security steps companies are taking, hackers are still finding their way in to an organization’s crown jewel assets. Here are the top 5 breaches reported in January.

U.S. Cellular: This breach hasn’t been verified but it has been reported that a hacker is selling a database of over 121 million U.S. citizens on the dark Web. This includes first name, last name, address, city, state and cell phone numbers. The hacker states that the database is as recent as January 2017.

Summit Reinsurance Services Inc. and BCS Financial Corporation: The Delaware Department of Insurance is investigating a security breach involving Summit Reinsurance Services Inc. (SummitRe) and BCS Financial Corporation, both subcontractors of Highmark BlueCross BlueShield of Delaware. The breach affects thousands of Delawareans with employer-paid plans. It impacts a total of sixteen current and former Highmark self-insured customers and approximately 19,000 of its members. The breach was uncovered due to multiple consumer complaints.

Cellebrite: Uh oh… a company hired to protect data was hacked. Cellebrite, a firm hired by government and military groups to rip data from mobile devices, was breached, leading to the theft of roughly 900GB of data. The data included details about Cellebrite customers, the firm’s databases, technical information relating to the company’s products, logs, and evidence from seized mobile devices.

Verity Health: An unauthorized breach was detected on the Verity Medical Foundation-San Jose Medical Group website, which has since been shut down. The personal information of more than 10,000 patients of Verity Health may have been compromised after the website was hacked. The information included patient names, dates of birth, addresses, email addresses, phone numbers, medical record numbers and the last four digits of credit card numbers, dated between 2010 and 2014.

Sentara Healthcare: A breach at a third party vendor for Sentara Healthcare has compromised the records of over 5,000 patients. The incident involves 5,454 vascular and thoracic patients seen between 2012 and 2015 at Sentara hospitals in Virginia. Sentara patients were issued a letter informing them of the breach. The accessed information may have included patients’ names, medical record numbers, birth dates, social security numbers, procedure information, demographic information and medications.

These breaches should be a red flag to all organizations. Whether it’s an inside threat or an external one, you need a better approach to protecting your company’s most valuable assets. Start by clicking here to learn how your cyber posture compares to other leading organizations.