At a glance.
- Update on the Pixel repair breach.
- Vestas breach apparently compromised personal data.
- Breach at Washington support services provider.
Google says employees not at fault for Pixel repair breach.
Google has determined that a data breach that compromised the accounts of Pixel users was not caused by employee actions, 9to5Google reports. It was found that mail-in Pixel repairs requests had led to the exposure of user account data and photographs. After conducting an investigation, Google stated, “we can say with confidence that the issue impacting the user was not related to the device RMA [Return Merchandise Authorization]. We have worked closely with the user to better understand what occurred and how best to secure the account going forward.” Google has agreed to provide better instructions to help users secure their data before sending in their devices for repair.
Personal data compromised in breach of wind energy giant.
MarketScreener reports that after disclosing a November data breach last week, leading wind energy provider Vestas has confirmed the incident exposed personal data. According to Vestas’ official breach notification, intruders gained unauthorized access to the company’s internal file share systems. Though an investigation is still ongoing, Vestas has disclosed that the attackers stole personal data pertaining to “employees and business partners” and possibly sold it to third parties. The compromised data includes names and contact details, photographs, job application info, salary details, employment documents, travel information, and in some cases, highly sensitive data like identification documents, Social Security numbers, medical info, and bank account details.
Medical not-for-profit suffers data breach.
The US Office for Civil Rights (OCR) data breach portal revealed that Sound Generations, a nonprofit based in the state of Washington that provides support services to seniors and disabled adults, suffered two data breaches. HealthITSecurity explains that the two incidents, which occurred in July and September of this year, impacted over 100,000 individuals. According to Sound Generations’ notification, “The investigation was unable to rule out that information stored on Sound Generations’ systems may have been accessed by an unauthorized party.” The potentially compromised data includes street addresses, names, phone numbers, emails, birth dates, health insurance numbers, and medical history information. Fortunately, no Social Security numbers, financial account information, and driver’s license details were exposed. Sound Generations adds that it currently “has no reason to believe that there was a misuse of the information pertaining to the potentially impacted individuals.”