Data Breach Headlines for Q1 2016

May 05, 2016

Hackers and human error continue to contribute to data breaches in 2016. So far this year, a variety of companies have experienced data breaches, from a fast food chain to healthcare companies and more. Here’s a list of some of the breaches that have made headlines in the first quarter of 2016. January Time Warner Cable confirmed a data breach affecting as many as 320,000 customers. Email addresses and passwords were stolen. The company believed the theft was through data breaches of other companies that stored customer information. Wendy’s experienced a potential breach in January, according to several news outlets. Some customers in the Midwest and East Coast later found fraudulent charges on their credit cards. The company later confirmed in their preliminary 2015 annual report that malware designed to steal payment card data had been discovered on some the chain’s point-of-sale systems and investigations were ongoing. Now the hamburger chain has been hit with a proposed class action lawsuit over the data breach. Centene Corp., a multi-national healthcare enterprise that provides a portfolio of service to government sponsored healthcare programs, announced it was searching for six computer hard drives containing the medical information for about 950,000 people. The lost information included name, address, date of birth, Social Security number, member ID number and health information. February The University of Central Florida announced a breach that hackers gained access to the Social Security numbers of 63,000 students, former students, staff and faculty members. Radiology Regional Center announced that the records of over 483,000 individuals were compromised due to the improper disposal of paper files. The Internal Revenue Service (IRS) released an update on a breach first discovered in May 2015. They advised that the number of taxpayers whose information may have been stolen by hackers now exceeded 700,000. This is 390,000 more, then what was first reported. Thieves, believed to be part of a Russian-based criminal operation, accessed a system called “Get Transcript” which allows taxpayers to get tax returns and other filings from previous years. In response to the 2015 hack of taxpayer records, the IRS assigned an ‘Identity Protection Pin’ for a second form of verification for those previous victims. Now there’s a report of one of those Identity Protection Pins being compromised. The agency has said that the fraudulent use of IP PINs was “a big problem for them this year.” March Verizon Enterprise solutions suffered a data breach in which contact information of 1.5 million Verizon customers was stolen in a network attack, according to an article from Fortune. MedStar Health, a healthcare provider that operates 10 hospitals and more than 250 outpatient facilities in the Washington area, announced a malware attack had forced them to take their systems offline to prevent the malware from spreading further. As of March 31st, the company reported that analysis continued to show that no patient or associate data had been compromised. 21st Century Oncology announced investigations into an unauthorized third party intrusion into its network. Compromised data included patients’ names, Social Security numbers, physicians’ names, diagnoses, treatment and insurance information.