Weekly Cybersecurity Recap September 8
Table of Contents
- By Steven
- Sep 08, 2023
Each week, new data breaches plague the public. This week, significant healthcare and retail breaches led to substantial data losses for customers and patients throughout the United States. With companies like Forever 21, Callaway, and United Healthcare involved, there were serious data losses. Cognizant and Indiana Medicaid were also breached this week. Learn all the details below.
More than 500,000 people were exposed in the recent Forever 21 data breach. Forever 21 is a well-known fashion company; it spans 540 retail outlets and has over 43,000 employees. The breach impacted approximately 500,000 individuals and occurred between August 29 and 30, 2023. Social Security numbers, full names, birth dates, and bank account information were taken in the data breach. This data loss could be particularly problematic. Forever 21 customers receiving a notice should get identity theft protection, change their information, and watch their bank accounts for financial losses.
Callaway, the massive golfing company, recently suffered a data breach linked to its online stores. Over 1 million customers were potentially exposed by the breach because of an IT mistake. It's unclear whether anyone capitalized on the breach or not. The breach began on August 1, 2023, and persisted until August 16, 2023. During that time, account passwords, email addresses, mailing addresses, security questions, order histories, and first and last names were available. Data from the Callaway and used Callaway sites were available, as well as from Odyssey and Ogio.
The Indiana Medicaid program provides healthcare to low-income citizens throughout Indiana. This program must gather large amounts of health, financial, and personal data, which could be at risk because of a recent data breach. More than 700,000 people were exposed in the breach caused by the Medicaid program relying on the MOVEit file transfer tool. MOVEit suffered a major security vulnerability that led to data losses for hundreds of companies. Social Security numbers, addresses, full names, member IDs, and more were taken in the breach. If you get a notice explaining the breach, you should immediately protect yourself.
Cognizant and TMG Health
IT Services Cognizant and medical services company TMG Health were the victims of a data breach that began on May 30 and lasted until June 3, 2023. Data such as Social Security numbers, medical insurance information, medical treatment data, bank account numbers, phone numbers, full names, and more were shared during that time. Cognizant sent notices to impacted individuals on September 1, 2023. For those who receive a notice, take immediate action to check your credit, monitor your credit, and watch over any of your financial accounts.
A large number of insurance customers were exposed in a recent data breach through UnitedHealthcare. The breach began on December 1, 2022, and persisted until January 25, 2023. A broker portal vulnerability caused it. At least one individual used the opening to steal member IDs, full names, plan types, residency locations, and other simple details for UnitedHealthcare patients. The insurance company sent notices to everyone it suspects as being involved.