Three data breaches have occurred within the past few months yet many people are just becoming aware.
Clinical Pathology Laboratories fell victim through the American Medical Collection Agency, a third party collection agent for medical billing, in March of this year. Over two million CPL patients may have had their names, addresses, phone numbers and other personal information stolen.
According to cpllabs.com:
“Based on the information provided by AMCA, the following information belonging to CPL patients may have been affected by the incident: patient names, addresses, phone numbers, dates of birth, dates of service, balance information, credit card or banking information and treatment provider information. AMCA has advised CPL that its patients’ social security numbers were not involved in the incident.” CPL stated that the breach did not affect their website, and only affected those in collection.
According to TechCrunch, it is possible that 34,500 patients may have had their credit card or banking information compromised as well. LabCorp reported in June that up to 7.7 million patients may have been breached and Quest Diagnostics had the most with 11.9 million. All three of these conduct lab testing for local Doctor’s offices. LabCorp has since discontinued using the AMCA for new collections.
CPL's website has suggestions posted for those involved in the breach. They are currently unaware of any misuse of the breached data, but are investigating through a third party data company.
“While CPL is unaware of the misuse of any patient’s information, we are providing the following information to help those wanting to know more about steps they can take to protect themselves:
“If you detect any suspicious activity on any of your accounts, you should promptly notify the financial institution or company with which the account is maintained. You should also promptly report any fraudulent activity or any suspected incidents of identity theft to proper law enforcement authorities.
“Obtain a copy of your credit report, free of charge, directly from each of the three nationwide credit reporting agencies. To do so, free of charge once every 12 months, please visit www.annualcreditreport.com or call toll free at 1-877-322-8228
. “Please notify your financial institution immediately of any unauthorized transactions made or new accounts opened in your name.”
The CPL website says: “Individuals with questions about this incident or questions about precautionary steps they can take may call 833.300.6927 or visit https://ide.myidcare.com/CPL for additional information.”
Equifax- One of the nations three main credit reporting bureaus was breached from May through July of 2019 jeapordizing up to 143 million American consumers information. According to Equifax and consumer.ftc.gov The hackers accessed people’s names, Social Security numbers, birth dates, addresses and, in some instances, driver’s license numbers. They also stole credit card numbers for about 209,000 people and dispute documents with personal identifying information for about 182,000 people. And they grabbed personal information of people in the UK and Canada too.” The FTC also warns to beware of fake settlement websites trying to get your information.
Equifax.com has steps that can be taken listed:
What Can I Do?
“Here are some of your options:
You can visit www.EquifaxBreachSettlement.com for information on the Equifax 2017 Data Breach Settlement.
You can get free copies of your credit report from the three major credit bureaus at www.annualcreditreport.com. Review your credit reports carefully, and make sure your personal information and accounts are correct.
Consider placing a security freeze or lock on your credit report. You can place a security freeze on your credit reports with the three major credit bureaus, Equifax, Experian, and TransUnion. You can also lock your Equifax credit report using Lock & Alert™, and contact the other two major credit bureaus for information on credit report locks.
You can place a fraud alert on your credit reports with the three major credit bureaus. To place a fraud alert on your Equifax credit report, visit our Fraud Alert page. We’ll automatically contact the other two credit bureaus.”
The Equifax breach settlement is offering cash payment of $125 or four years of credit monitoring. They are also offering “up to $20,000 for time spent remedying the breach, out of pocket losses as a result, and up to 25% off of the cost of credit or identity monitoring” purchased the year prior.
Capital One announced July 29 they were also affected by a data breach that could affect more than one million consumers.
According to capital1.com
“Capital One Financial Corporation (NYSE: COF) announced, July 19, it determined there was unauthorized access by an outside individual who obtained certain types of personal information relating to people who had applied for its credit card products and to Capital One credit card customers.”
CEO Richard D Fairbank made a statement "While I am grateful that the perpetrator has been caught, I am deeply sorry for what has happened. I sincerely apologize for the understandable worry this incident must be causing those affected and I am committed to making it right."
The FBI has arrested the individual responsible, reportedly a former Amazon Web Services engineer.
Capitalone.com said that 99% of social security numbers were secure and no credit card account numbers were affected. This information included personal information Capital One routinely collects at the time it receives credit card applications, including names, addresses, zip codes/postal codes, phone numbers, email addresses, dates of birth, and self-reported income.
They added: Beyond the credit card application data, the individual also obtained portions of credit card customer data, including:
Customer status data, e.g., credit scores, credit limits, balances, payment history, contact information
Fragments of transaction data from a total of 23 days during 2016, 2017 and 2018
About 140,000 Social Security numbers of our credit card customers
About 80,000 linked bank account numbers of our secured credit card customers
The company will be notifying customers and is offering free credit monitoring and identity protection to those affected by the breach. Visit https://www.capitalone.com/facts2019/ for more information.
So now that we hear all of this disturbing news, the next question is what can you do to protect yourself? The FTC offered articles and tips.
1. You can obtain your free credit report at www.annualcreditreport.com or contact each one of the independent credit reporting agencies. Equifax, Transunion and Experian.
2. Place a fraud alert or a Credit Freeze/Security freeze on your account which restricts access to your credit report, lowering the chance of identity theives opening accounts in your name. Contact each of the bureaus to place a freeze, or lift one. According to the FTC A credit freeze locks down your credit. A fraud alert allows creditors to get a copy of your credit report as long as they take steps to verify your identity.
3. Notify companies immediately if you see any suspicious activity.
4. Keep all documents secure, don't share information with anyone you do not trust, make sure online activity is through trusted and verified websites and watch for scam websites trying to offer help and claims for these data breaches.
One other thing nobody mentioned, is to pay inside the station for gasoline to avoid skimmers.
If you would like further information please visit FTC.gov.