News and Updates on Information Technology

United States – Pennsylvania Department of Health

Exploit: Third Party Data Breach

Pennsylvania Department of Health: State Government Agency

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.803 = Severe

The Pennsylvania Department of Health received an unpleasant shock when it learned that the third-party firm it had employed to process contact tracing data had made data handling mistakes, potentially opening thousands of residents of the Keystone State up to trouble. The contractor, Atlanta-based Insight Global reported that several employees violated security protocols to create unauthorized documents outside of the secure data system that the state’s contract required using the data collected.

cybersecurity news represented by agauge showing severe risk

Individual Risk: 2.277 = Severe

Some of the records in question associated names with phone numbers, emails, genders, ages, sexual orientations and COVID-19 diagnoses and exposure status. They did not include financial account information, addresses or Social Security numbers. A daytime hotline is available for anyone concerned they might have been involved at 855-535-1787. Free credit monitoring and identity protection services will be offered.

Customers Impacted: 72,000

How it Could Affect Your Customers’ Business: No business is an island. That’s why it pays to take precautions against potential intrusions and data theft that results from a service provider’s cybersecurity failure

Source: https://6abc.com/covid-19-contact-tracing-coronavirus-pennsylvania-pa-data-breach-insight-global/10560542/