Breach Clarity Weekly Data Breach Report: Week of May 24 - Security Boulevard

Breach Clarity Weekly Data Breach Report: Week of May 24

Each week Breach Clarity, recently acquired by Sontiq, compiles a list of what it considers to be notable data breaches—those that are worth highlighting because of the increased intensity of the risk to personal information. The Breach Clarity score identifies the level of risk on a scale of 1 to 10—the higher the score, the more severe the breach and level of risk.

This week’s spotlight breaches contain a breach perpetrated by a former employee of the County of Orange’s Social Service Agency. Insider threats like these can be especially pernicious. With authorized access to customer or employee personal information, employees are able to overcome many of the countermeasures in place to stop malicious external actors. Unlike external fraud threats, insiders also have a much greater ability to manipulate the system, making it far easier to commit certain types of fraud that are typically too labor-intensive to be profitable for external actors. This includes schemes like student loan fraud and medical fraud, both of which can be difficult to profit from without assistance from an insider who can divert funds to an account under the control of the fraudster.

New breaches added: 48

Phillip Galyen P.C.

BreachIQ score: 10

A cyberattack against Phillip Galyen P.C. allowed the perpetrator to access the Galyen network and exposed sensitive personal information on clients and employees of the law firm. Compromised data types include Social Security numbers, credit and debit card numbers, medical records including diagnosis and treatment information and more. Galyen did not disclose additional details about the nature of the breach or types of files compromised in their breach notification letter.

What should you do? Any time a breach exposes data that is this sensitive, victims should take the time to make sure that they have put essential protections in place across all aspects of their identity. This includes locking or freezing your credit report; using strong authentication on your bank accounts, email and other important services and making sure that you have set up alerts for suspicious activity on your accounts.

More information

County of Orange Social Services Agency

BreachIQ score: 8

A former employee of the County of Orange Social Services Agency inappropriately accessed and used information on individuals in the SSA system. Exposed data types include Social Security numbers, contact information, legal documents such as marriage certificates and tax and immigration records, medical records and more. While the data breach occurred in April 2018, it was not reported until May 2021. County of Orange SSA did not disclose additional details around how the former employee misused the accessed records.

What should you do? Since the information stolen in this breach creates a high risk of fraudulently opened credit (loan accounts), safeguards like locking or freezing your credit are the best place to start. If you expect to need to have your credit account unlocked, enrolling in credit monitoring through the provider offered by the breached organization or through a free service can help keep you informed of potentially suspicious changes to your credit report.

More information

Health Plan of San Joaquin

BreachIQ score: 7

Unauthorized access to business email accounts at Health Plan of San Joaquin allowed the perpetrator to gain access to patients’ sensitive personal and medical information contained in messages and attachments that passed through the affected email accounts. Exposed data types include Social Security numbers, driver’s license numbers, login information, medical records such as lab results and treatment information, and more.

What should you do? With medical records and insurance information compromised in this data breach, the top risk is medical identity theft – use of your identity to get access to medical services, often with the goal of obtaining prescription drugs or medical devices that have a high value on secondary market. Under HIPAA’s privacy rules, you can request copies of your medical records, which can allow you to identify erroneous information and correct it with your medical providers. The department of U.S. Health and Human Services and the Federal Trade Commission both maintain resources with additional information on warning signs to help identify and resolve medical identity fraud.

More Information

Nocona General Hospital

BreachIQ score: 5

A cyberattack against Nocona General Hospital allowed the perpetrator to access files on Nocona’s network containing sensitive personal information. Exposed data types include Social Security numbers, medical records such as diagnoses and treatments, and more.

What should you do? Since the information stolen in this breach creates a high risk of fraudulently opened credit (loan accounts), safeguards like locking or freezing your credit are the best place to start. If you expect to need to have your credit account unlocked, enrolling in credit monitoring through the provider offered by the breached organization or through a free service can help keep you informed of potentially suspicious changes to your credit report.

More information

About the Breach Clarity Score

Breach Clarity, recently acquired by Sontiq, created an algorithm that deeply analyzes and assigns every publicly reported data breach a Breach Clarity score, most often from 1 to 10. The higher the score, the more severe. (In rare and extreme cases, the score can exceed 10.)

The idea for the Breach Clarity score came from data breach expert Jim Van Dyke, who realized the public should be able to access the same analysis he used as an expert witness to discern data breach risks in the country’s biggest data breach cases. Breach Clarity’s artificial intelligence algorithm simulates that advanced, objective analysis and is available to anyone as a free tool in the fight against identity fraud and cybercrime. The score, risks and recommended action for any publicly reported data breach is available at Breach Clarity.

Featured eBook
Managing the AppSec Toolstack

Managing the AppSec Toolstack

The best cybersecurity defense is always applied in layers—if one line of defense fails, the next should be able to thwart an attack, and so on. Now that DevOps teams are taking  more responsibility for application security by embracing DevSecOps processes, that same philosophy applies to security controls. The challenge many organizations are facing now ... Read More
Security Boulevard

Kyle Marchini

Kyle Marchini is a product manager at Breach Clarity, where he oversees the development and implementation of data breach intelligence solutions for financial institutions, identity security providers and other organizational partners. Prior to his work at Breach Clarity, Kyle was a Senior Analyst for Fraud Management at research-based advisory firm Javelin Strategy & Research. He deeply studied both fraud management and consumer behavior, directing some of the industry’s most widely-cited research on identity fraud. His work has been cited on topics ranging from the impact of fraud and breaches on consumers’ banking relationships to the role of emerging technologies such as behavioral analytics in mitigating fraud risk.

kyle-marchini has 17 posts and counting.See all posts by kyle-marchini