Athletes' medical records among leaked info in data security breach

Athletes’ medical records among leaked info in data security breach

Athletes’ medical records among leaked info in data security breach

An online security breach at a national printing chain leaked thousands of sensitive documents — from labor filings involving NFL players to lawsuits against Hollywood studios to personal immigration-related papers — raising the possibility that private information could end up in the wrong hands.

The leak at PIP printing, which has more than 400 locations in 13 countries, went on for four months before it was repaired Tuesday, cybersecurity experts involved in investigating the breach told NBC News. But there's no evidence that any hackers may have stumbled upon the files to use them for malicious purposes, they add.

The documents, which NBC News examined, ranges from emails revealing credit card and social security numbers to legal filings such as depositions, subpoenas and labor lawsuits. Extensive medical records belonging to high-profile athletes were also at risk.

PIP owner Michael Bluestein told NBC News that the breach appeared to stem from a third-party IT firm that accidentally misconfigured the backup protocols — essentially leaving a "back door" open in the system.

Read Also:
The IT Pro view: Data protection and GDPR

"After discovering the breach, we acted quickly to lock down access to our database," Bluestein said. "We immediately strengthened our security controls. We changed all passwords, took offline all computers that may have been affected and brought in forensic IT experts."

Bluestein added that stronger-than-normal protections are being employed to further lock down the PIP system: "New firewalls are being installed. We are even going above the recommended security measures by also creating closed VPNs (virtual private networks) for our backup files," he said.

Bob Diachenko, whose firm Mackeeper Security Research Center investigated the breach, said it was first discovered in October.

The data breach potentially allowed access to sensitive labor filings on behalf of NFL players, such as disability claims with extensive HIPAA-protected medical records attached.

The NFL and the National Football League Players Association, a union for the players, both declined to comment on the private records of their athletes being exposed in the security breach.

Read Also:
Your In-Store Customers Want More Privacy

One particularly salacious set of documents released in the leak pertained to a lawsuit filed against Hustler by a former male employee who claimed adult magazine publisher Larry Flynt's daughter sexually harassed him.

The suit was covered in the press after it was filed — but according to the leaked internal company documents, Hustler officially terminated the employee for failing to detect a "theft ring" at the Hustler Hollywood stores he oversaw as a district manager.



Sentiment Analysis Symposium

27
Jun
2017
Sentiment Analysis Symposium

15% off with code 7WDATA

Read Also:
Big data techniques help paralyzed patient regain movement

Data Analytics and Behavioural Science Applied to Retail and Consumer Markets

28
Jun
2017
Data Analytics and Behavioural Science Applied to Retail and Consumer Markets

15% off with code 7WDATA

Read Also:
The Future of Cybersecurity

AI, Machine Learning and Sentiment Analysis Applied to Finance

28
Jun
2017
AI, Machine Learning and Sentiment Analysis Applied to Finance

15% off with code 7WDATA

Read Also:
Big data techniques help paralyzed patient regain movement
Read Also:
GDPR – sounding the death knell for self-learning algorithms?

Real Business Intelligence

11
Jul
2017
Real Business Intelligence

25% off with code RBIYM01

Read Also:
WhatsApp Will Start Sharing Data, Including Phone Numbers, With Facebook

Advanced Analytics Forum

20
Sep
2017
Advanced Analytics Forum

15% off with code Discount15

Read Also:
5 Ways Cloud Vendors are Dealing with Data Privacy Concerns

Leave a Reply

Your email address will not be published. Required fields are marked *