Navvis & Company is a comprehensive healthcare network throughout the US, including Hawaii. They offer scalable healthcare services that push patients towards their health and wellness goals while supporting providers’ roles to achieve those milestones. In the middle of last year, mid-July, Navvis experienced a cyberattack; their experts responded, but not before the assailants got away with 462,861 records—and that’s just from Hawaii.

This week was particularly active in Cybersecurity—attacks rained upon all states, from the Great Basin of Nevada to the Volcanoes of Hawaii. The week began with an announcement out of Texas: U.S. Renal Care found exposed information from a vendor breach in 2023, impacting over 132k patients. Connecticut College was also featured this week; investigations are ongoing, but victims shouldn’t wait to protect themselves. The public also got an update on the PJ&A data breach from 2023.

Azura Vascular Care operates a national network of health and wellness centers. They specialize in minimally invasive procedures and strive to treat vascular conditions in comfortable, out-patient settings. They offer healthcare in 25 states with multiple facilities and specialized teams. At the end of last year (2023), Azura discovered a threat actor within their network environment; officials removed the threat, but not before the criminals obtained 348k patient records.

Connecticut College (CC) is a private campus institution in New London, CT; initially opened as a women’s college, the institution today serves a 2k-student population and offers more than 40 degree programs. In March 2023, cybercriminals victimized CC by accessing their network environment. Eleven months later, CC officials have begun sending impact notices to those with data exposed in the incident.

Perry Johnson & Associates (PJ&A) is a medical transcription organization based in Nevada. Since the public learned about PJ&A’s breach, we have featured it whenever large healthcare networks have announced data breaches stemming from their incident and when officials present updates. This week, more information is public about the incident, through the Maine Attorney General’s Office.

U.S. Renal Care (Renal) is a 32-state, 400-location, 26k-patient healthcare provider primarily concerned with kidney disease and longevity; Renal offers in-facility and at-home dialysis solutions. Renal’s significant treatment network is made possible by various third-party vendors, from equipment solutions to transcription services.

The Bayer Heritage Federal Credit Union has headquarters in West Virginia. Like other unions, they offer various services that assist members in saving and investing no matter their life phase. Bayer’s products include financial accounts, IRAs, investment options, and many loans, from estate to student. At the end of October 2023, Bayer reportedly experienced a cyberattack; the breach lasted only a day but exposed the Social Security Numbers (SSNs) of 61,159 borrowers.

This week, around 643k data records were announced as lost in the cyber wars. Early on, the public learned of HopSkipDrive’s event, which impacted 155k student guardians. The most significant breach of this week, with an impact figure of over 307k, also occurred early in the week; the Des Moines Orthopaedic Surgeon clinic claimed the incident was due to a vendor’s failure.

Verizon is a top-performing communications organization with clients and influence worldwide. They offer various electronic services, including physical technology, Internet services, entertainment programs, communications plans, etc. They enjoy a user base of nearly 145 million people in the US, making them the largest telecoms operator in the states. Verizon recently announced a breach in mid-September 2023; however, the event was not from an external threat actor—it came from an employee.

Infosys McCamish Systems (IMS) is a subsidiary of Infosys, a global outsourcing organization. IMS is primarily concerned with delivering life insurance and retirement solutions for clients of Infosys. Among those who use IMS’ services are nationwide organizations, including Bank of America. In November 2023, IMS was made aware of a cyberattack on their systems; the attack disrupted some of IMS’ applications and compromised the information of 57,028 people.