Data Breaches

Intercept Pharmaceuticals, Inc. ("Intercept"), a biopharmaceutical company based in Morristown, New Jersey, has filed a notice of data breach with the Attorney General of Massachusetts after discovering unauthorized access to confidential information entrusted to the company. The breach, revealed on February 22, 2024, resulted in the exposure of consumers' sensitive data, including their names,...

U-Haul, a prominent U.S. moving truck, trailer, and self-storage rental company, has revealed that data belonging to almost 67,000 customers in the United States and Canada was compromised in a cyberattack targeting one of its systems in early December, as reported by The Register. The attackers utilized stolen credentials to breach the U-Haul Dealer and...

Los Angeles International Airport (LAX) has fallen victim to a cyberattack, resulting in the exposure of a database containing 2.5 million records, as reported by Hackread. The breach occurred this month when IntelBroker targeted one of LAX's customer relationship management (CRM) systems. IntelBroker, the threat actor behind the attack, disclosed its focus on the vulnerable...

LoanDepot, a prominent loan and mortgage company, has officially confirmed that sensitive personal information of almost 17 million customers was compromised in a ransomware attack that occurred in January. The company revealed in a data breach notice submitted to Maine’s attorney general’s office that the stolen data encompasses a range of sensitive details including...

In a recent disclosure, Prince George’s County Public Schools (PGCPS), a school district in the Washington, D.C., suburbs, revealed that the personal information of nearly 100,000 individuals was compromised in a ransomware attack that occurred just before the start of the fall semester. PGCPS concluded its investigation into the incident earlier this year, as stated...

On February 9, 2024, Veolia North America ("Veolia") reported a data breach to the Attorney General of Montana following a recent ransomware attack targeting the company. The breach led to unauthorized access to consumers' sensitive information, including names, Social Security numbers, financial details, payment card numbers, dates of birth, government identifications, and driver's license...

On February 9, 2024, Signature Performance, Inc., a healthcare administrative solutions provider based in Omaha, filed a notice of data breach with the Attorney General of Montana after discovering unauthorized access to its IT network. The incident resulted in the exposure of consumers' sensitive information, prompting the company to initiate data breach notification procedures. According...

Prudential Financial, a prominent global financial services Fortune 500 company overseeing approximately $1.4 trillion in assets, disclosed a network breach last week, during which attackers accessed employee and contractor data before being blocked from compromised systems one day later. The second-largest life insurance company in the United States, Prudential serves over 50 million customers worldwide,...

Integris Health, Oklahoma's largest not-for-profit healthcare network, has informed U.S. authorities that a data breach in November 2023 compromised the personal information of nearly 2.4 million individuals. The healthcare organization, operating hospitals, clinics, and emergency care units statewide, confirmed the cyberattack on December 26, 2023, after patients received extortion emails threatening to sell their...

The Pentagon is currently in the process of notifying more than 26,000 current and former employees, job applicants, and partners about a potential exposure of their sensitive personal information in a data breach incident detected in early 2023. According to a notice obtained by DefenseScoop and dated February 1, 2024, the Defense Intelligence Agency (DIA)...

Southern Water, a major UK water supplier, has officially confirmed a recent ransomware attack resulting in unauthorized access to personal data belonging to both customers and employees. The company disclosed plans to notify approximately 5-10% of its customer base, equating to potentially between 230,000 and 460,000 individuals out of its 4.6 million customers in...

Krystal BioTech, Inc. ("Krystal"), a biotechnology company based in Pittsburgh, Pennsylvania, has filed a notice of data breach with the Attorney General of Massachusetts after discovering unauthorized access to confidential information entrusted to the company. The breach, reported on January 30, 2024, resulted in the exposure of sensitive information, including names, Social Security numbers,...

Vail-Summit Orthopaedics & Neurosurgery (VSON), a healthcare services provider based in Friso, California, recently filed a notice of data breach with the Attorney General of Vermont after discovering an attempt by an unauthorized party to infiltrate the company's computer network. The incident, reported on January 30, 2024, resulted in unauthorized access to sensitive information,...

Health Alliance, an insurance company based in Champaign, Illinois, recently filed a notice of data breach with the U.S. Department of Health and Human Services Office for Civil Rights after discovering unauthorized access to sensitive information belonging to its members. The breach, which occurred through a subcontractor of one of Health Alliance's vendors, compromised...

On February 4, 2024, Perry Johnson & Associates, Inc. ("PJ&A") filed a notice of data breach on behalf of Concentra Health Services, Inc. ("Concentra") after discovering unauthorized access to information belonging to Concentra patients. The breach compromised sensitive information, including names and Social Security numbers of affected individuals. PJ&A, a medical transcription company serving various...