Online prescription filling service Ravkoo suffered a data breach, which led to health and other personal information being exposed. The company uses Amazon Web Services (AWS) to host their prescription portal. A specific instance that stored prescription information endured a security incident, which allowed the information to be easily accessed. Unauthorized access occurred in September 2021 and was later noticed by the Ravkoo security team in October of the same year. Breach notification letters were sent out to around 150,000 potentially affected customers on January 3rd, 2022. At the time of writing their public notification, Ravkoo had not found any reason to believe the exposed data was circulating or being used for malicious activity, but this could change. The FBI and other agencies have been alerted and are working alongside Ravkoo to dig deeper into the incident and figure out who may be behind it.
Analyst Notes
Users who have potentially been affected by the breach should take advantage of the identity monitoring services being provided by Ravkoo. The extent of the exposed data has not been revealed, but any unauthorized activity noticed by affected parties should be reported. As previously mentioned earlier this week, health information can be sold and used to carry out medical identity theft. This can lead to many different issues for those who have their information used illegally. It is important to stay vigilant moving forward after an incident like this.
https://www.bleepingcomputer.com/news/security/us-online-pharmacy-ravkoo-links-data-breach-to-aws-portal-incident/?&web_view=true
