UPS Truck Drivers Medical Records Published By Hackers

January 22, 2021

Medical documents belonging to truck drivers and rail workers may have been exposed following an alleged cyber-attack on an occupational healthcare provider in Virginia.

Data apparently belonging to employees of the United Parcel Service (UPS) and Norfolk Southern Railroad was published online to a leak website by the gang behind Conti ransomware. The cyber-criminals claimed to have obtained the data throughout a December cyber-attack on Taylor Made Diagnostics (TMD).

The HIPAA Journal reported that the leaked data includes full names, Social Security numbers, details of scientific examinations, drug and alcohol testing reports, and scans of driving licences.

With locations in Chesapeake and Newport News, TMD is an operator of occupational health clinics used by transportation agencies and government agencies. The company provides services inclusive of drug testing, CPR training, fit-for-duty evaluations, vaccinations, and respirator fit testing.

According to their website, TMD clients include the US military, the US Secret Service, the navy special warfare development group, BAE systems, Old Dominion University, the Social Security Administration, and the Virginia Department of Military Affairs.

While TMD has not verified the alleged attack, FreightWaves reported that amongst the more than 3,000 TMD files leaked on January 8 were multiple health records for employees at both UPS and Norfolk Southern dated as currently as December 2020.

In addition, the trucking news source spotted records belonging to personnel of US government agencies, defence contractors, and multiple smaller trucking companies.

Norfolk Southern Railroad, which employs nearly 25,000 humans in 22 states, said that it was investigating the veracity of the cyber criminal’s claims.

“The security of our employees’ data is a priority for Norfolk Southern and a requirement for our vendors,” Norfolk Southern spokesperson Jeff DeGraff wrote in an email to FreightWaves.

“Norfolk Southern is looking into the issue but has not issue any comment at this time.”

UPS, which employs 362,000 people in the US and an additional 82,000 internationally, said it is also looking into the possible data breach.

According to the US Department of Health and Human Services, in December alone, 37 US healthcare vendors reported hacking or unspecified information technology incidents that compromised nearly 1.5 million patients.

SonicWall Investigates Zero-Day Attack Own Its Products

by intellfence | Jan 26, 2021 | Security Events, Uncategorized

SonicWall has warned its customers that threat actors may have found zero-day vulnerabilities in some of its remote access products. An initial post on the company’s knowledgebase pages on Friday claimed that the NetExtender VPN client model 10.x and the SMB-focused...

Tesla sued former employee for Alleged IP theft of thousands of Files

by intellfence | Jan 25, 2021 | security news

Tesla has sued a former worker for allegedly stealing about 26,000 confidential files in his first week of work at the company, in accordance to a court filing. The organization stated on Friday that within three days of being hired, software program engineer Alex...

X-Rated College Pictures Leaked Due to Amazon Leaking Buckets

by intellfence | Jan 21, 2021 | security news, Uncategorized

A cloud misconfiguration at a now-defunct social media app Fleek, has uncovered hundreds of thousands of explicit images of customers that they thought had been deleted. Fleek was once seen as an unfiltered and uncensored choice to Snapchat “Campus Stories.” A hit...

More Articles

SonicWall Investigates Zero-Day Attack Own Its Products

Tesla sued former employee for Alleged IP theft of thousands of Files

X-Rated College Pictures Leaked Due to Amazon Leaking Buckets