HealthEquity, a US fintech firm for the healthcare sector, admits that a “data security event” it discovered at the end of June hit the data of a substantial 4.3 million individuals.
Stolen details include addresses, telephone numbers and payment data.… The incident began in March but was only detected in June. The company said in a letter to those affected that it received an alert on March 25 about a “systems anomaly requiring extensive technical investigation and ultimately resulting in data forensics” and that work continued until June 26 – the point at which it became aware that criminals had stole sensitive data.
Read more…
Source: MSN New
Related:
- Allstate sued for not reporting data breach of 165,000 New Yorkers
March 10, 2025
New York state sued Allstate on Monday, accusing the insurer’s National General unit of failing to report a data breach that exposed drivers’ license numbers, and not developing reasonable safeguards to protect policyholders’ private information. The lawsuit by New York Attorney General Letitia James was filed in a state court in Manhattan, and seeks civil fines. ...
- European Commission defends EU digital markets rules in the face of US attacks
March 7, 2025
Vice-Presidents Teresa Ribera and Henna Virkkunen have insisted that the EU’s Digital Markets Act (DMA) does not target US companies and applies agnostically to digital platforms designated under its rules as “gatekeepers”, in a letter responding to questions from the US Congress seen by Euronews. “The criteria for gatekeeper designation are based on objectively identified and ...
- Russian crypto exchange Garantex seized by law enforcement operation
March 6, 2025
The U.S. Secret Service, working with a coalition of international law enforcement agencies, has taken down and seized the website of Garantex, a Russian cryptocurrency exchange accused of being associated with darknet markets and ransomware hackers. On Thursday, the official Garantex website was replaced with a notice saying the exchange’s domain has been seized by the ...
- Hacked health firm HCRG demanded journalist ‘take down’ data breach reporting, citing UK court order
March 6, 2025
A U.S.-based independent cybersecurity journalist has declined to comply with a U.K. court-ordered injunction that was sought following their reporting on a recent cyberattack at U.K. private healthcare giant HCRG. Law firm Pinsent Masons, which served the February 28 court order on behalf of HCRG, demanded that DataBreaches.net “take down” two articles that referenced the ransomware ...
- US charges Chinese hackers who allegedly caused millions of dollars worth of damages
March 5, 2025
US prosecutors on Wednesday announced criminal charges against multiple Chinese nationals for allegedly hacking a range of US companies and municipalities for profit, causing millions of dollars’ worth of damage. Victims of the hackers include US-based critics of the Chinese government, Asian government foreign ministries, and US federal and state agencies, the Justice Department said. Some ...
- US suspends offensive cyber operations against Russia
March 3, 2025
The US has suspended operations and planning for offensive cyber operations against Russia, a senior US official told CNN. The suspension is “a major blow,” the official said, especially since planning for such operations takes time and research to carry out. The concern, the official said, is that the pause on offensive cyber operations against Russia ...