Online prescription filling service Ravkoo suffered a data breach, which led to health and other personal information being exposed. The company uses Amazon Web Services (AWS) to host their prescription portal. A specific instance that stored prescription information endured a security incident, which allowed the information to be easily accessed. Unauthorized access occurred in September 2021 and was later noticed by the Ravkoo security team in October of the same year. Breach notification letters were sent out to around 150,000 potentially affected customers on January 3rd, 2022. At the time of writing their public notification, Ravkoo had not found any reason to believe the exposed data was circulating or being used for malicious activity, but this could change. The FBI and other agencies have been alerted and are working alongside Ravkoo to dig deeper into the incident and figure out who may be behind it.
When evaluating a Managed Detection & Response (MDR) service there are 5 critical components that