Breach Clarity Weekly Data Breach Report: Week of May 24
Each week Breach Clarity, recently acquired by Sontiq, compiles a list of what it considers to be notable data breaches—those that are worth highlighting because of the increased intensity of the risk to personal information. The Breach Clarity score identifies the level of risk on a scale of 1 to 10—the higher the score, the more severe the breach and level of risk.
This week’s spotlight breaches contain a breach perpetrated by a former employee of the County of Orange’s Social Service Agency. Insider threats like these can be especially pernicious. With authorized access to customer or employee personal information, employees are able to overcome many of the countermeasures in place to stop malicious external actors. Unlike external fraud threats, insiders also have a much greater ability to manipulate the system, making it far easier to commit certain types of fraud that are typically too labor-intensive to be profitable for external actors. This includes schemes like student loan fraud and medical fraud, both of which can be difficult to profit from without assistance from an insider who can divert funds to an account under the control of the fraudster.
New breaches added: 48
Phillip Galyen P.C.
A cyberattack against Phillip Galyen P.C. allowed the perpetrator to access the Galyen network and exposed sensitive personal information on clients and employees of the law firm. Compromised data types include Social Security numbers, credit and debit card numbers, medical records including diagnosis and treatment information and more. Galyen did not disclose additional details about the nature of the breach or types of files compromised in their breach notification letter.
What should you do? Any time a breach exposes data that is this sensitive, victims should take the time to make sure that they have put essential protections in place across all aspects of their identity. This includes locking or freezing your credit report; using strong authentication on your bank accounts, email and other important services and making sure that you have set up alerts for suspicious activity on your accounts.
County of Orange Social Services Agency
A former employee of the County of Orange Social Services Agency inappropriately accessed and used information on individuals in the SSA system. Exposed data types include Social Security numbers, contact information, legal documents such as marriage certificates and tax and immigration records, medical records and more. While the data breach occurred in April 2018, it was not reported until May 2021. County of Orange SSA did not disclose additional details around how the former employee misused the accessed records.
What should you do? Since the information stolen in this breach creates a high risk of fraudulently opened credit (loan accounts), safeguards like locking or freezing your credit are the best place to start. If you expect to need to have your credit account unlocked, enrolling in credit monitoring through the provider offered by the breached organization or through a free service can help keep you informed of potentially suspicious changes to your credit report.
Health Plan of San Joaquin
Unauthorized access to business email accounts at Health Plan of San Joaquin allowed the perpetrator to gain access to patients’ sensitive personal and medical information contained in messages and attachments that passed through the affected email accounts. Exposed data types include Social Security numbers, driver’s license numbers, login information, medical records such as lab results and treatment information, and more.
What should you do? With medical records and insurance information compromised in this data breach, the top risk is medical identity theft – use of your identity to get access to medical services, often with the goal of obtaining prescription drugs or medical devices that have a high value on secondary market. Under HIPAA’s privacy rules, you can request copies of your medical records, which can allow you to identify erroneous information and correct it with your medical providers. The department of U.S. Health and Human Services and the Federal Trade Commission both maintain resources with additional information on warning signs to help identify and resolve medical identity fraud.
Nocona General Hospital
A cyberattack against Nocona General Hospital allowed the perpetrator to access files on Nocona’s network containing sensitive personal information. Exposed data types include Social Security numbers, medical records such as diagnoses and treatments, and more.
What should you do? Since the information stolen in this breach creates a high risk of fraudulently opened credit (loan accounts), safeguards like locking or freezing your credit are the best place to start. If you expect to need to have your credit account unlocked, enrolling in credit monitoring through the provider offered by the breached organization or through a free service can help keep you informed of potentially suspicious changes to your credit report.
About the Breach Clarity Score
Breach Clarity, recently acquired by Sontiq, created an algorithm that deeply analyzes and assigns every publicly reported data breach a Breach Clarity score, most often from 1 to 10. The higher the score, the more severe. (In rare and extreme cases, the score can exceed 10.)
The idea for the Breach Clarity score came from data breach expert Jim Van Dyke, who realized the public should be able to access the same analysis he used as an expert witness to discern data breach risks in the country’s biggest data breach cases. Breach Clarity’s artificial intelligence algorithm simulates that advanced, objective analysis and is available to anyone as a free tool in the fight against identity fraud and cybercrime. The score, risks and recommended action for any publicly reported data breach is available at Breach Clarity.