Mage Data strengthens its data security posture with the ISO 27001 certification. READ MORE >


Sav-Rx Data Breach Potentially Compromised Health Data of 2.8M Individuals

  • The Sav-Rx data breach, which occurred in October 2023, compromised the personal and health information of approximately 2,812,336 individuals in the United States.
  • The breach was caused by unauthorized access to Sav-Rx’s computer network, which was detected on October 2023.
  • The compromised data included non-clinical files containing personal and health information such as names, dates of birth, addresses, and health insurance information.
  • The company advises affected individuals to monitor their credit reports and account statements for signs of fraud or identity theft.


CentroMed Data Breach Exposed 400,000 Patient Records

  • CentroMed, a San Antonio-based healthcare organization, suffered a data breach in May 2024 that exposed the personal and medical information of 400,000 current and former patients.
  • The breach occurred when an unauthorized party gained access to CentroMed’s IT network on April 2024 and was able to acquire files containing sensitive patient data.
  • The exposed information included names, addresses, Social Security numbers, financial account details, health insurance data, diagnoses, dates of birth, and claims information.
  • This was the second data breach experienced by CentroMed, as the organization had previously suffered a breach in June 2023 that impacted 350,000 individuals.


LockBit says they stole data in London Drugs ransomware attack

  • LockBit ransomware operation has claimed responsibility for the April cyberattack on Canadian pharmacy chain London Drugs.
  • The ransomware gang claims that negotiations with London Drugs to pay a $25 million ransom have failed, but it has yet to provide proof that they stole any files from London Drugs servers.
  • London Drugs initially reported that no customer or employee data was impacted by the intrusion, but later acknowledged that corporate head office files, some of which may contain employee information, were compromised.
  • The company has refused to pay the ransom and is aware that the gang may leak stolen London Drugs corporate files, possibly including employee information, on the Dark Web.


Western Sydney University data breach exposed student data

  • Western Sydney University (WSU) suffered a data breach that exposed student and employee data after threat actors breached its Microsoft 365 and SharePoint environment.
  • The unauthorized access began on May 17, 2023, and included email accounts and SharePoint files.
  • The investigation found that approximately 7,500 individuals were impacted, including students graduating in August 2023.
  • Exposed data varied per person but included full names, phone numbers, and email addresses of students and staff.


OmniVision discloses data breach after 2023 ransomware attack

  • OmniVision, a California-based imaging sensors manufacturer, disclosed a data breach following a Cactus ransomware attack in 2023, during which unauthorized parties accessed and stole personal information. The attackers also leaked and released the stolen data online.
  • The data stolen includes passport scans, nondisclosure agreements, contracts, and confidential documents.
  • The exact number of affected individuals remains unknown, but the company has offered 24-month credit monitoring and identity theft restoration services to those impacted.
  • OmniVision’s internal investigation concluded on April 3, 2024, and the company has since enhanced its security measures to prevent future incidents.


An ‘Unwelcome Development’ in MediSecure Data Breach Incident

  • Update on the Medisecure data breach incident.
  • The breach occurred in April 2024 and affected the personal and medical information of over 200,000 individuals.
  • The compromised data included names, addresses, medical records, and other sensitive details of patients associated with Medisecure.
  • The breach was discovered in late April 2024, prompting Medisecure to take immediate action to secure its systems and notify those impacted.
  • In response to the incident, Medisecure is offering credit monitoring and identity theft protection services to the affected individuals to mitigate the risks of potential identity theft and fraud resulting from the data exposure.