Get caught up with latest news regarding data breaches for the week of the September 8.
JPMorgan Chase – In our first Data Breach Ripples report, we touched on a potential security breach involving JPMorgan Chase. On September 12, JPMorgan Chase spokesperson Kristin Lemaku told the New York Times that the bank, "uncovered an attack by an outside adversary recently where the firm's technology environment was compromised." In a brief statement on the firm's website, the company has not seen any suspicious fraudulent activity and reminded customers that they would not be held liable for any unauthorized transactions on their accounts.
Central Utah Clinic – In another security breach targeting healthcare providers, more than 31,000 patients were notified at Central Utah Clinic, informing them that their personal information may have been accessed in a data breach. According to a report by SC Magazine, a server at the Central Utah Clinic was compromised by unauthorized intruders in June of 2014. While the exact information that was stolen is still unknown, the server contained names, dates of birth, Social Security numbers, phone numbers and mailing addresses. All affected patients are being notified by letter.
George Mason University– On July 16, 2014 , George Mason University detected a security breach involving a server that hosted the university's Travel Request Service. SC Magazine first reported that approximately 4,400 users of the travel request system were affected by the server breach, which contained names and Social Security numbers. George Mason University has sent out letters to all the affected users and is offering each person a one year membership to ProtectMyID.
Beachwood-Westlake Plastic Surgery and Medical Spa – According to a Ohio plastic surgery office, computer hardware containing the names and medical limited information of 6,141 patients was stolen during a burglary on the plastic surgery and spa offices. According to the report, the burglary occurred on June 29 as the thieves were able to gain entry into the building undetected, as the cleaning crew "failed to reactivate the system on the night of the crime." The medical office is in the process of notifying all affected patients and is offering a free year of credit monitoring services.
