Two universities, a restaurant-management company and the IRS all acknowledged in February they had fallen victim to a hacker or hackers. But the oddest, and largest, data breach of the month had nothing to do with cybercriminals. A Florida health care company became a breach victim when half a million patient medical records fell out of a truck on their way to be destroyed.
Large, targeted data breaches are becoming more frequent, but we’re also losing ground to outdated or unsecured record-disposal methods.
That’s why it’s essential to be proactive and protect yourself. A good place to start is at myBankrate, where you can grab your free credit report today and check for signs of suspicious activity.
Affected: 63,000 current and former UCF students, staff and faculty members.
Information stolen: Names, Social Security numbers, student IDs, employee IDs.
Breach details: The University of Central Florida in Orlando last month said it had discovered in January that its networks had been breached, compromising the personally identifying information of about 63,000 students, staff and faculty.
No credit card information, financial records or medical records were exposed. But that’s not the case for Social Security numbers and other personally identifiable information. UCF sent out notifications and is offering 1 year of free credit monitoring and identity protection services.
Information exposed: Patient names, addresses, phone numbers, Social Security numbers, dates of birth, health insurance numbers, medical status, assessment information and financial information.
Breach details: In an odd data breach, paper records literally fell out of a truck, exposing around 500,000 patient records belonging to Radiology Regional Centers in southwest Florida. Lee County Solid Waste Division, the company hired to dispose of Radiology Regional Centers health records, picked up documents to take to an incinerator. During transport, records fell out of a container on the truck. The health care company believes that virtually all of the records were retrieved. Still, it’s offering a complimentary membership to Equifax Credit Watch.
Affected: More than 300 locations throughout the U.S.
Information stolen: Cardholder names, numbers, expiration dates and internal verification codes.
Breach details: Landry’s Inc. announced that a data breach exposed the credit card information of patrons at many of its restaurants and at its Golden Nugget Hotels and Casinos. Hackers installed malware on payment-processing devices. The program scraped for data on the magnetic stripes of payment cards swiped at Landry’s-owned businesses. The list of affected properties includes restaurants such as Bubba Gump Shrimp Co., McCormick & Schmick’s, and Morton’s Steakhouse. Landry’s hasn’t yet offered free credit monitoring or identity theft protection services. That makes it crucial for anyone affected to closely monitor their credit statements and reports.
Breach details: Hackers were able to access 101,000 E-file PINs, which are used to electronically file tax returns. Identity thieves used previously stolen Social Security numbers — approximately 464,000 — to generate the E-file PINs. The IRS is notifying taxpayers by mail, and it is marking affected accounts to protect against tax-related identity theft. Taxpayer data were not compromised by the breach, according to the IRS.
Affected: 80,000 current and former students, employees and vendors.
Information stolen: Social Security and bank account numbers.
Breach details: In late 2015, hackers gained access to the Berkeley Financial System through a security flaw, exposing the Social Security numbers of around 80,000 individuals, the University of California, Berkeley confirmed last month. It’s the 3rd time UC Berkeley has been hit by hackers within a 15-month period. The university believes that none of the information was acquired or misused. It’s offering 1 free year of credit monitoring and identity theft insurance to all potentially affected individuals.