[BreachExchange] Online Pharmacy Says Its AWS Portal Was Hacked

[Terrell Byrd]

https://www.healthcareinfosecurity.com/online-pharmacy-says-its-aws-portal-was-hacked-a-18259

An online pharmacy is notifying tens of thousands of individuals that their
personal information was potentially exposed in a data security incident
involving the company's Amazon Web Services hosted portal.

In a Monday breach report filed to the Maine attorney general's office,
Florida-based Ravkoo says 105,000 individuals, including 386 Maine
residents, were affected by the incident, which was discovered in late
September.

A report filed to New Hampshire's attorney general indicates 600 residents
in that state were also affected.

Breach Details
In a breach notification posted on its website, Ravkoo says that a data
security incident recently discovered on its AWS-hosted portal "may have
resulted in the unintentional exposure of personal information."

Ravkoo uses AWS cloud services for online hosting of its prescription
portal, the company says. "On Sept. 27, Ravkoo detected that this portal
was the target of a cybersecurity attack. An unauthorized third party
attempted to infiltrate the portal," the notification says.

Ravkoo’s forensic investigation subsequently revealed that certain
prescription and health information could have been compromised, including
full names, mail addresses, phone numbers and prescriptions, and "limited"
medical information.

"Notably, we have found no evidence that any individual’s Social Security
Number was accessed or compromised as Ravkoo does not maintain this
information within the impacted portal," the notice says. "Further, Ravkoo
does not have any evidence to indicate that any information involved in the
incident has been or will be misused as a result of this incident."

Ravkoo reported the incident to the FBI and has also "increased security"
of its AWS-hosted portal, the company says.

The company also is offering affected individuals complimentary, online
credit monitoring services.

Ravkoo did not immediately respond to Information Security Media Group's
request for additional information about the breach, including a request
for comment on the accuracy of a report saying that an alleged hacker
claims to have accessed the portal "using a hidden admin panel."
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20220107/1dedeb9d/attachment.html>