Major U.S. health savings account administrator HealthEquity had information from 4.3 million individuals exfiltrated following the infiltration of an online data storage location using a compromised third-party vendor's user accounts earlier this year, reports The Register.
In a letter to FTC Chair Lina Khan, the senators noted that Hyundai and Honda had received more than $1 million and over $25,000, respectively, for selling vehicle data to data broker Verisk.
Infiltration of Michigan Medicine's employee email accounts on May 23 and 29 enabled the exfiltration of individuals' names, birthdates, addresses, medical record numbers, diagnostic and treatment details, and health insurance information, as well as the Social Security numbers of four patients.
While the exfiltrated data was claimed to contain two million records of users linked to firms leveraging Bullhorn, such information was noted by Bullhorn to have been obtained from a third party that integrated with the firm and has not impacted its systems or data.
Information exposed by the misconfigured ClickBalance database included API keys, access tokens, secret keys, tax identification numbers, and bank account numbers, as well as more than 381,000 email addresses.
Fast Five
Selected by the SC Media Editorial team every Tuesday.
Sign up now for the top five issues cybersecurity pros need to know this week.
