Quest Diagnostics pins breach affecting 11.9 million patients on debt collector

Medical data and financial information of nearly 12 million people may have been compromised in a data breach at a billing firm that works with Quest Diagnostics, the laboratory company said in a regulatory document. The exposed information included credit card numbers and bank account details, Quest said Monday in a U.S. Securities and Exchange Commission filing. The New Jersey-based corporation is one of the giants in the medical testing industry, with more than $7.5 billion in revenue in 2018. Quest said the American Medical Collection Agency notified it on May 14 about a security incident. AMCA discovered that an outsider infiltrated its web payment system and accessed data belonging to other companies, including Quest Diagnostics. Quest had outsourced its billing work to Optum360, a health care revenue-cycle manager, which contracted AMCA. AMCA describes itself as a provider of “professional debt collection services are providers that specialize in collecting delinquent accounts,” according to […]

The post Quest Diagnostics pins breach affecting 11.9 million patients on debt collector appeared first on CyberScoop.

Continue reading Quest Diagnostics pins breach affecting 11.9 million patients on debt collector

Gen Z Interns and Social Media: A Perfect Security Storm

A lack of security training for interns, and their obsession with sharing content on social media, could lead to a perfect storm for hackers looking to collect social engineering data. Continue reading Gen Z Interns and Social Media: A Perfect Security Storm

Chinese database exposes 42.5 million records compiled from multiple dating apps

Tens of millions of records about users of different dating apps have been discovered in a single database that doesn’t include any password protection, according to new research findings. The records discovered by researcher Jeremiah Fowler mostly were about American users, based on accessible IP addresses and geolocation information. Other data included age, location and account names — a roadmap Fowler followed to identify users across multiple other platforms and dating apps to verify they were real. A sampling of 10,000 users revealed that 8,063 were from the U.S., 356 were from the U.K., 219 from Canada and 151 from Australia and other random English-speaking countries, he said in an email to CyberScoop. About 42.5 million records were exposed, Fowler said. Dating logs made up 38.3 million records, while 3.87 million consisted of “geonames,” Fowler said. He did not reveal the location of the database, which uses the Elastic format. While it’s not clear […]

The post Chinese database exposes 42.5 million records compiled from multiple dating apps appeared first on CyberScoop.

Continue reading Chinese database exposes 42.5 million records compiled from multiple dating apps

News Wrap: Which Companies Are Doing Privacy Right and Which Aren’t?

The Threatpost team breaks down the top privacy-related data incidents of the week – including data leaks from HCL and a golfing app – and highlights some surprisingly good privacy news. Continue reading News Wrap: Which Companies Are Doing Privacy Right and Which Aren’t?

Millions of Golfers Land in Privacy Hazard After Cloud Misconfig

A database with millions of data points on games played plus sensitive information was left right in the middle of the internet fairway for all to see. Continue reading Millions of Golfers Land in Privacy Hazard After Cloud Misconfig

Qualcomm Critical Flaw Exposes Private Keys For Android Devices

A side-channel attack in Qualcomm technology, which is used by most modern Android devices, could allow an attacker to snatch private keys. Continue reading Qualcomm Critical Flaw Exposes Private Keys For Android Devices