Online Pharmacy Says Its AWS Portal Was HackedIncident, Discovered in Late September, Affected 105,000 Individuals
An online pharmacy is notifying tens of thousands of individuals that their personal information was potentially exposed in a data security incident involving the company's Amazon Web Services hosted portal.
In a Monday breach report filed to the Maine attorney general's office, Florida-based Ravkoo says 105,000 individuals, including 386 Maine residents, were affected by the incident, which was discovered in late September.
A report filed to New Hampshire's attorney general indicates 600 residents in that state were also affected.
In a breach notification posted on its website, Ravkoo says that a data security incident recently discovered on its AWS-hosted portal "may have resulted in the unintentional exposure of personal information."
Ravkoo uses AWS cloud services for online hosting of its prescription portal, the company says. "On Sept. 27, Ravkoo detected that this portal was the target of a cybersecurity attack. An unauthorized third party attempted to infiltrate the portal," the notification says.
Ravkoo’s forensic investigation subsequently revealed that certain prescription and health information could have been compromised, including full names, mail addresses, phone numbers and prescriptions, and "limited" medical information.
"Notably, we have found no evidence that any individual’s Social Security Number was accessed or compromised as Ravkoo does not maintain this information within the impacted portal," the notice says. "Further, Ravkoo does not have any evidence to indicate that any information involved in the incident has been or will be misused as a result of this incident."
Ravkoo reported the incident to the FBI and has also "increased security" of its AWS-hosted portal, the company says.
The company also is offering affected individuals complimentary, online credit monitoring services.
Ravkoo did not immediately respond to Information Security Media Group's request for additional information about the breach, including a request for comment on the accuracy of a report saying that an alleged hacker claims to have accessed the portal "using a hidden admin panel."