IT Security Stories to Watch: CVS Investigates Data Breach
And as a result, CVS tops this week’s list of IT security news makers, followed by University of California, Los Angeles (UCLA) Health System, University of Pittsburgh Medical Center (UPMC) Health Plan and Symantec (SYMC).
What can managed service providers (MSPs) and their customers learn from these IT security news makers? Check out this week’s list of IT security stories to watch to find out:
1. Was CVS Photo website hacked?
CVS has temporarily shut down its CVS Photo website after one of its vendors may have been breached. CNNMoney pointed out that the vendor, PNI Digital Media, was hacked last year and lost 1.2 million credit cards.
It remains unclear if any customer information was stolen during the data breach, according to CVS Photo. In addition, CVS Photo is advising customers to check their credit card statements for any fraudulent or suspicious activity.
“Nothing is more central to us than protecting the privacy and security of our customer information, including financial information,” CVS Photo wrote on its website. “We are working closely with the vendor and our financial partners and will share updates as we know more.”
2. UCLA Health System gets breached
Hackers allegedly may have accessed up to 4.5 million UCLA Health System patient records.
“For patients that entrust us with their care, their privacy is our highest priority. We deeply regret this has happened,” Dr. James Atkinson, UCLA Hospital System’s interim president, told Los Angeles Times.
UCLA said it is working with the FBI and had hired computer forensic experts to increase its network security.
3. UPMC Health Plan reports data breach
UPMC Health Plan has suffered its second data breach in less than two months. The most recent data breach could affect 722 UPMC patients, HealthITSecurity reported.
The data breach was discovered on June 4 after a data file with protected health information (PHI) was emailed to the incorrect address. UPMC Health Plan reported the incident to the U.S. Department of Health and Human Services (HHS) on July 2.
“We apologize for any anxiety or inconvenience that this incident may cause our members,” said William Gedman, chief compliance officer for UPMC’s insurance services division. “Based on our ongoing investigation, we will make all changes necessary to further enhance our already stringent privacy protections. UPMC Health Plan is committed to doing our utmost to minimize the chance that this type of issue will occur again.”
4. Spam email level drops below 50 percent
The number of spam emails is declining, according to new data from Symantec.
Symantec’s June 2015 Intelligence Report revealed that the overall spam rate was 49.7 percent, which represents the first time this figure has dropped below 50 percent since Sept. 2003.
However, Symantec also reported that ransomware attacks increased for the second month in a row, and crypto-ransomware reached its highest levels since Dec. 2014.