DevaOnBreaches

Sharing insights on data breach investigations, information security, & password best practices • @XposedOrNot
Website: https://XposedOrNot.com
Blog: https://blog.xposedornot.com/
GitHub: https://github.com/DevaOnBreaches
Website: https://plus.xposedornot.com/

NEW:

Yesterday, the USAO in Maryland issued a press release stating that Matthew Bathula, a clinical pharmacy specialist, had been charged with unauthorized access and ID theft involving patients at "Company A" -- a medical system in Maryland. 195 patients have been notified.

If you read the DOJ presser, it alleges a lot of activities that go waaaay beyond the usual insider "snooping."

A little digging revealed that "Company A" is the University of Maryland Medical Center, where Bathula was employed during the years of alleged wrongdoing.

Read the presser and more at:

https://databreaches.net/2026/05/02/maryland-pharmacist-indicted-on-unauthorized-computer-access-related-to-u-maryland-medical-center/

#databreach #IDtheft #HIPAA #infosec #insider #healthsec

We loaded 32 breaches into @XposedOrNot for all of 2025.

As of May 1, 2026, we’ve already loaded 32.

Same number in a third of the time. That’s a shift worth paying attention to.

@XposedOrNot += Gemotest Data Breach

The Gemotest #databreach occurred in April 2022 and exposed 31M patient records, including 6.3M unique email addresses and associated sensitive personal information.

Exposed data: Email addresses, Names, Physical addresses, Dates of birth, Passport numbers, Insurance numbers

Potential risks: Identity theft, Financial fraud, Phishing, Targeted scams, Privacy breaches

@XposedOrNot += Baydöner Data Breach

The Baydöner #databreach occurred in March 2026 when the Turkish restaurant chain was compromised, with data later published on a public hacking forum exposing over 1.2M unique email addresses and associated customer information.

Exposed data: Email addresses, Names, Phone numbers, Cities of residence, Passwords (plaintext), National ID numbers, Dates of birth

Potential risks: Identity theft, Account takeover, Credential stuffing, Phishing, Financial fraud, Targeted scams, Privacy breaches

@XposedOrNot += Marcus & Millichap Data Breach

The Marcus & Millichap #databreach occurred in April 2026 when the real estate brokerage and advisory firm was allegedly breached by the ShinyHunters group, exposing 1.8M email addresses and associated personal information.

Exposed data: Email addresses, Names, Phone numbers, Usernames, Physical addresses

Potential risks: Phishing, Targeted scams, Privacy breaches

@XposedOrNot += Aman Data Breach

The Aman #databreach occurred in April 2026 when the ultra-luxury hotel brand was allegedly targeted by the ShinyHunters group, with data later leaked publicly exposing over 262K unique email addresses and associated personal information.

Exposed data: Email addresses, Names, Phone numbers, Physical addresses, Nationalities, Dates of birth, Spouse names

Potential risks: Phishing, Identity theft, Targeted scams, Privacy breaches

Another #EdTech vendor has allegedly fallen prey to #ShinyHunters in yet another Salesforce-related hack-and-leak incident.

Follett Software markets Aspen, Destiny, and Classroom Library Manager software to schools.

The threat actors claim to have acquired 4 million records with PII and other corporate files, and have given Follett until May 4 to contact them.

Because this is Salesforce related, there may actually be very little identifiable information about students or personnel in the customer support data, unless district or school personnel gave students' names or details in seeking help with the software or specific problems.

I guess we'll find out soon.

#EduSec #databreach #hackandleak

@douglevin @funnymonkey @mkeierleber

Researcher Jeremiah Fowler found 86K+ private photos and chats leaked from an open database, likely taken using stalkerware on a celebrity’s phone.

The data included messages, contacts, and IDs, showing how spyware can capture screen activity even when apps are encrypted.

https://hackread.com/private-chats-photos-celebs-expose-stalkerware-leak/

Private Chats, Photos of Celebs Exposed in Suspected Stalkerware Leak

Private chats and photos of celebrities and influencers were exposed after a suspected stalkerware setup left a database open, revealing sensitive messages and files.


Checkmarx confirmed that data leaked by LAPSUS$ came from its private GitHub repo after attackers abused credentials stolen in the Trivy supply-chain attack.

https://www.bleepingcomputer.com/news/security/checkmarx-confirms-lapsus-hackers-leaked-its-stolen-github-data/

Checkmarx confirms LAPSUS$ hackers leaked its stolen GitHub data

Application security company Checkmarx has confirmed that the LAPSUS$ threat group leaked data stolen from its private GitHub repository.


Almost one year after discovery, Sandhills Medical Foundation notifies 169,017 people affected by a cyberattack

This was an attack by INC Ransom, who dumped the data in June 2025. INC didn't tag it as an encryption incident -- just as hack, exfil, ransom demand. So I'm not sure why it took Sandhills about a year to make notifications.

https://databreaches.net/2026/04/29/almost-one-year-after-discovery-sandhills-medical-foundation-notifies-169017-people-affected-by-a-cyberattack/

#databreach #HIPAA #incidentresponse #INCransom #healthsec