In a recent data breach, Berglund Management Group, an auto dealership based in Bedford, Virginia, has reported unauthorized access to its computer network. The breach resulted in the exposure of sensitive information, including names and Social Security numbers, of up to 51,514 individuals. The breach was detected on May 10, 2023, and the company has since conducted a thorough investigation to determine the extent of the leaked information.
Berglund Automotive, which operates 20 locations in Virginia and generates around $45 million in annual revenue, has taken immediate action to address the breach. The company is sending out data breach notification letters to all affected individuals, informing them of the incident and providing guidance on steps they can take to protect their personal information. Social Security numbers are highly valuable to hackers for identity theft and fraud, making this breach particularly concerning.
The breach at Berglund Management Group highlights the ongoing challenges faced by organizations in protecting sensitive customer data. As cyber threats continue to evolve, businesses must remain vigilant in implementing robust cybersecurity measures to safeguard personal information and maintain customer trust.
In another recent data breach, Texas-based healthcare company WebTPA has disclosed a breach affecting almost 2.5 million people. The breach was detected on December 28, 2023, and the unauthorized actor may have obtained personal information between April 18 and April 23, 2023. The impacted information may have included name, contact information, date of birth, date of death, Social Security number, and insurance information. Some individuals had their Social Security numbers stolen. WebTPA reported the breach to the US Department of Health and Human Services on May 8, 2024. The company stated that it is not aware of any misuse of benefit plan member information and that financial account information, credit card numbers, and treatment or diagnostic information were not impacted [1afce08d].
The data breach at WebTPA, a healthcare company, highlights the vulnerability of personal information in the healthcare sector. The stolen Social Security numbers can be used for identity theft and other fraudulent activities. It is crucial for healthcare organizations to prioritize cybersecurity and implement measures to protect patient data from unauthorized access.
Landmark Admin, LLC, a third-party administrator for life insurance carriers, has also experienced a data privacy incident. On May 13, 2024, Landmark detected suspicious activity on its system and later discovered that an unauthorized third party had accessed its network. The compromised information includes personal details such as names, addresses, Social Security numbers, tax identification numbers, driver's license numbers, passport numbers, financial account numbers, medical information, dates of birth, health insurance policy numbers, and life and annuity policy information. Landmark is taking steps to enhance its network security and mitigate future risks. Individuals are advised to remain vigilant against identity theft and monitor their credit reports for suspicious activity [1b1a10b9].
These data breaches highlight the ongoing challenges organizations face in protecting sensitive customer information. It is essential for businesses to prioritize cybersecurity and implement robust measures to safeguard personal data and maintain customer trust.
Mass General Brigham, a hospital system in Massachusetts, has alerted patients to a privacy incident involving personal information. Between April 2 and 4, 2024, the hospital discovered that the personal information of some patients and members may have been accessible to unauthorized individuals. The investigation found that one employee at Mass General Health Plan and two employees at Mass General Brigham allowed unauthorized individuals to access personal information. The incident involved names, addresses, medical record numbers, dates of birth, email addresses, phone numbers, health insurance policy numbers, and clinical information about visits or admissions to an MGB facility. Some patients also had Social Security numbers and/or credit card numbers involved. The employees involved were immediately terminated. The hospital is notifying individuals affected by the incident and has provided contact information for questions [9421908e].
The privacy incident at Mass General Brigham emphasizes the need for healthcare organizations to implement strong security measures to protect patient information. The compromised personal information can be used for identity theft and other malicious activities. It is crucial for hospitals and healthcare providers to prioritize data privacy and take proactive steps to prevent unauthorized access to sensitive information.