Mon, May 12, 2025

Arizona Arthritis and Rheumatology Associates Data Breach - Investigated by Federman & Sherwood

Oklahoma City, Oklahoma (May 12, 2025) – Arizona Arthritis and Rheumatology Associates, P.C., a healthcare provider based in Arizona, has reported a data breach that may have impacted the personal information of 5,509 individuals. The breach, which occurred as a result of a hacking/IT incident, was discovered recently and is currently under investigation. In response to the incident, Arizona Arthritis and Rheumatology Associates has initiated a thorough investigation to determine the full scope of the breach and the specific data...

Mon, May 12, 2025

DermCare Management Data Breach - Investigated by Federman & Sherwood

Oklahoma City, Oklahoma (May 12, 2025) – DermCare Management, a company that provides administrative and operational support to dermatology practices, recently identified a data security incident that may have compromised sensitive personal information belonging to patients of its affiliated clinics. The breach was discovered on February 26, 2025, and a subsequent investigation revealed that unauthorized access to certain systems may have resulted in the exposure of various types of protected and personally identifiable information. The data potentially accessed in the...

Mon, May 12, 2025

Monongalia Health System, Inc. (Mon Health) Data Breach - Investigated by Federman & Sherwood

Oklahoma City, Oklahoma (May 12, 2025) – On March 3, 2025, Monongalia Health System, Inc. (Mon Health) identified a cybersecurity incident that compromised the personal and medical data of at least 4,895 individuals. The breach stemmed from a targeted phishing scheme that led to unauthorized access to several employee email accounts. As a result, cybercriminals were able to view documents containing confidential patient and administrative information. Mon Health officially reported the incident to the U.S. Department of Health and Human...

Mon, May 12, 2025

SogoTrade, Inc Data Breach - Investigated by Federman & Sherwood

Oklahoma City, Oklahoma (May 12, 2025) – On or around March 18, 2025, SogoTrade became aware that a phishing email containing malicious software led to unauthorized access to four employee email accounts. The unauthorized access is believed to have occurred between approximately May 8, 2024, and May 22, 2024. A comprehensive investigation conducted by an independent third-party cybersecurity firm confirmed the details of the incident. Following the discovery, Sogo Trade conducted a review of its phishing response procedures and implemented...

Mon, May 12, 2025

Kiernan Trebach LLP Data Breach - Investigated by Federman & Sherwood

Oklahoma City, Oklahoma (May 12, 2025) – Kiernan Trebach LLP notified customers of a cybersecurity incident by providing breach notification letters to an undisclosed number of victims after becoming aware of suspicious activity in their environment. According to the notice filed with the Attorney General of Maine, the breach occurred September 24, 2024, but was not discovered until May 6, 2025.  Kiernan Trebach dated the notification letters May 7, 2025, via the notification filing with Maine Attorney General. Federman &...

Mon, May 12, 2025

WaterStreet Data Breach - Investigated by Federman & Sherwood

Oklahoma City, Oklahoma (May 12, 2025) – On March 17, 2025, WaterStreet identified suspicious activity within its IT environment. In response, the company immediately initiated an investigation to determine the nature and scope of the incident and to securely restore affected systems. The investigation revealed that an unauthorized individual accessed certain files on that same date. A thorough review of the accessed files was conducted to determine the type of information involved and the individuals affected. This review confirmed that...

Mon, May 12, 2025

Starkville Utilities Data Breach - Investigated by Federman & Sherwood

Oklahoma City, Oklahoma (May 12, 2025) – On October 23, 2024, Starkville detected unauthorized activity within its computer network (the “Incident”). In response, the organization promptly disconnected network access and engaged a specialized third-party incident response firm to assist in securing the environment and conducting a detailed forensic investigation. This investigation, completed on December 11, 2024, confirmed that an unauthorized individual had gained limited access to information stored within Starkville’s systems.   Following the investigation, Starkville retained a third-party data...

Mon, May 12, 2025

Nixon, Inc. Data Breach - Investigated by Federman & Sherwood

Oklahoma City, Oklahoma (May 12, 2025) – On April 18, 2025, an investigation concluded that an unauthorized individual accessed files within the Nixon, Inc. systems containing personal information. During their presence in the IT environment, the unauthorized party may have accessed files that included certain personal details. Nixon, Inc. was first alerted to unusual activity within its information technology environment on December 18, 2024. In response, it promptly launched an internal investigation, implemented measures to secure its systems, and notified...

Tue, May 06, 2025

The Tailored Closet of Southern Maine Data Breach - Investigated by Federman & Sherwood

Oklahoma City, Oklahoma (May 6, 2025) – The Tailored Closet of Southern Maine (TCSM) recently identified an incident involving unauthorized access to its payroll system. Upon discovery, TCSM took immediate action to secure the system and launched a thorough investigation to determine the nature and scope of the incident. The investigation confirmed that an unauthorized actor accessed the payroll system on April 23, 2025. During the review, TCSM identified a file that was viewed by the unauthorized actor. On April...

Tue, May 06, 2025

GeoLogics Corporation Data Breach - Investigated by Federman & Sherwood

Oklahoma City, Oklahoma (May 6, 2025) – On October 16, 2024, GeoLogics identified that certain personal information may have been accessed or acquired from its network during a limited timeframe between December 21 and December 23, 2023. Upon discovery, GeoLogics immediately launched a comprehensive investigation and took steps to assess and mitigate the situation. As part of its response, GeoLogics undertook a detailed review of the data set to determine whether any sensitive personal information was involved and to identify...

Tue, May 06, 2025

Family Christian Health Center Data Breach - Investigated by Federman & Sherwood

Oklahoma City, Oklahoma (May 6, 2025) – On April 30, 2025, Family Christian Health Center reported a cybersecurity incident to the U.S. Department of Health and Human Services. Reports indicate that the ransomware group known as RansomHub claimed responsibility for the breach, alleging they had obtained 118 GB of confidential data and threatened to release it on the dark web within a week. The breach impacted an estimated 12,500 individuals across the United States. Although the exact nature of the...

Fri, May 02, 2025

OrthoMinds, LLC Data Breach - Investigated by Federman & Sherwood

Oklahoma City, Oklahoma (May 2, 2025) – OrthoMinds, LLC, a provider of orthodontic software based in Alpharetta, Georgia, has reported a data breach that may have affected information tied to services offered to its clients. In November 2024, the company identified suspicious activity within its network environment. A subsequent investigation revealed that certain databases may have been subject to unauthorized access between November 17 and November 27, 2024. Through its review of the impacted files and directories, OrthoMinds confirmed that...

Fri, May 02, 2025

301 Scrubs Investors (Scrubs & Beyond and Kindthread) Data Breach - Investigated by Federman & Sherwood

Oklahoma City, Oklahoma (May 2, 2025) – 301 Scrubs Investors, LLC, doing business as Scrubs & Beyond LLC and Kindthread (Kindthread), is notifying individuals of a recent data security incident that may have involved personal information. On June 7, 2024, Kindthread detected unauthorized activity within its computer network. In response, the company immediately launched an investigation with the assistance of third-party forensic specialists to assess the nature and scope of the incident. The investigation confirmed that an unauthorized party had...

Fri, May 02, 2025

Brainard Surgery Center LLC Data Breach - Investigated by Federman & Sherwood

Oklahoma City, Oklahoma (May 2, 2025) – Brainard Surgery Center LLC (Brainard) recently disclosed a data breach involving the potential compromise of sensitive personally identifiable information and protected health information under its care. According to the breach notification, Brainard detected suspicious activity within its computer network on February 23, 2025, prompting the company to initiate an investigation into the nature and scope of the incident. As a result of this investigation, Brainard confirmed on January 30, 2025, that an unauthorized...

Fri, May 02, 2025

Lincoln Financial Data Breach - Investigated by Federman & Sherwood

Oklahoma City, Oklahoma (May 2, 2025) – Lincoln Financial was recently notified that Kelly Benefits—a third-party provider of benefits administration, payroll solutions, and broker and consulting services—was the target of a cybersecurity incident. Employers partner with Kelly Benefits to manage payroll and/or group benefits enrollment, which may include group insurance products offered by Lincoln Financial or other insurance providers. Kelly Benefits determined that between December 12 and December 17, 2024, unauthorized access occurred on their servers, and certain files were...

Fri, May 02, 2025

Good Neighbors Federal Credit Union Data Breach - Investigated by Federman & Sherwood

Oklahoma City, Oklahoma (May 2, 2025) – On or around December 10, 2024, Good Neighbors Federal Credit Union (GNFCU) experienced unauthorized access to its network. Upon discovering the incident, GNFCU immediately launched a thorough investigation. The credit union has been working closely with external cybersecurity experts who specialize in managing incidents of this nature. Following an in-depth forensic investigation and a comprehensive review of relevant documents, GNFCU determined on April 4, 2025, that certain personal information stored on its network...

Fri, May 02, 2025

Divaris Consolidated Investments, Inc. Data Breach - Investigated by Federman & Sherwood

Oklahoma City, Oklahoma (May 2, 2025) – Divaris Consolidated Investments, Inc. (Divaris) detected unauthorized access to their network on May 31, 2024. Upon becoming aware of the issue, the organization promptly secured its systems and launched a comprehensive investigation. In collaboration with external cybersecurity experts who specialize in managing such incidents, the organization conducted an in-depth forensic analysis and manual review of documents. This investigation revealed on April 4, 2025, that an unauthorized party may have accessed or acquired certain...

Thu, May 01, 2025

Backblaze Inc. Investigated by Federman & Sherwood

Oklahoma City, Oklahoma (May 1, 2025) – The law firm of Federman & Sherwood has initiated an investigation into potential securities claims on behalf of shareholders of Backblaze Inc. (NASDAW: BLZE) resulting from allegations that Backblaze Inc. may have issued materially misleading business information to the investing public and/or engaged in other unlawful business practices. On April 24, 2025, Investing.com issued an article entitled, "Backblaze stock plunges amid Morpheus Research report." This article stated that Backblaze "saw its shares plummet"...

Thu, May 01, 2025

Thompson Coburn Data Breach - Investigated by Federman & Sherwood

Oklahoma City, Oklahoma (May 1, 2025) – Thompson Coburn filed a supplemental notice of data breach with the Maine Attorney General on April 30, 2025.  The firm previously identified suspicious activity within its network on May 29, 2024. The firm immediately launched an investigation, enlisting the help of independent forensic experts to assess the nature and scope of the incident. The investigation concluded that an unauthorized party accessed or acquired certain personal and sensitive data stored within Thompson Coburn’s systems...

Thu, May 01, 2025

iHeartMedia + Entertainment, Inc. Data Breach - Investigated by Federman & Sherwood

Oklahoma City, Oklahoma (May 1, 2025) – Between December 24 and December 27, 2024, an unauthorized individual accessed and obtained files from systems located at a limited number of iHeartMedia’s local stations. Upon discovering the incident, iHeartMedia promptly activated its incident response protocols, took immediate steps to contain the breach, and initiated a thorough investigation. The company also engaged a reputable cybersecurity firm with experience in similar matters and notified law enforcement authorities. Following a detailed review of the affected...

Thu, May 01, 2025

Conrey Insurance Brokers Data Breach - Investigated by Federman & Sherwood

Oklahoma City, Oklahoma (May 1, 2025) – On November 13, 2024, Conrey Insurance Brokers detected unusual activity within its network and promptly launched an investigation. The investigation revealed that an unauthorized party had accessed a portion of the network between November 12 and November 13, 2024. As a result, Conrey Insurance Brokers conducted a thorough review to determine the type of information that may have been involved. This review was completed on April 10, 2025. Federman & Sherwood is conducting...

Thu, May 01, 2025

Hopkinson & Abbondanza, PA Data Breach - Investigated by Federman & Sherwood

Oklahoma City, Oklahoma (May 1, 2025) – Around February 19, 2025, Hopkinson & Abbondanza, PA (H&A) became aware of potential unauthorized access to an employee's email account. Upon discovery, the company promptly secured its email system and engaged a third-party forensic firm to investigate the incident. Following a comprehensive investigation, H&A determined on April 9, 2025, that a limited amount of information maintained in the normal course of business may have been accessed by an unauthorized third party in connection...

Thu, May 01, 2025

a.Maximus, Inc. (Maximus) Data Breach - Investigated by Federman & Sherwood

Oklahoma City, Oklahoma (May 1, 2025) – On April 29, 2025, Maximus reported the incident to the Texas Attorney General’s Office. According to the filing, 4,514 individuals in Texas were impacted. Maximus notified affected consumers through printed publications, U.S. Mail, and statewide media broadcasts in Texas. Federman & Sherwood is conducting a comprehensive investigation into the data breach to determine its full extent, including whether additional information was affected and the overall impact of the incident. The firm strongly encourages...

Thu, May 01, 2025

Ascension Health Data Breach - Investigated by Federman & Sherwood

Oklahoma City, Oklahoma (May 1, 2025) – Ascension is notifying certain patients about a recent security incident involving one of its former business partners. On December 5, 2024, Ascension was informed that the business partner had fallen victim to a hacking incident. Following a thorough investigation, it was determined on January 21, 2025, that Ascension had inadvertently disclosed patient data to the affected partner, and that the data was likely stolen during the breach. Ascension has confirmed that its own...

Thu, May 01, 2025

Complete Payroll Solutions Data Breach - Investigated by Federman & Sherwood

Oklahoma City, Oklahoma (May 1, 2025) – Around March 10, 2024, Complete Payroll Solutions (CPS) detected suspicious activity within its systems. In response, CPS promptly launched an investigation to determine the nature and scope of the incident. The investigation revealed that an unauthorized third party had accessed or acquired certain data stored on CPS’s systems. CPS then conducted a detailed review of the affected files to determine the type of information involved and identify the individuals impacted. Upon discovering the...

Thu, May 01, 2025

Used Bikes Direct Data Breach - Investigated by Federman & Sherwood

Oklahoma City, Oklahoma (May 1, 2025) – On April 29, 2025, Used Bikes Direct notified the Texas Attorney General of a data breach involving potential unauthorized access to sensitive personally identifiable information within its systems. As of May 1, 2025, the company has not publicly disclosed specific details about the incident. Federman & Sherwood is currently conducting a thorough investigation to assess the full scope of the data breach, including the possibility of further compromised information and the broader implications...

Tue, April 29, 2025

Engelson & Associates, Ltd. (E&A) Data Breach - Investigated by Federman & Sherwood

Oklahoma City, Oklahoma (April 29, 2025) – On or around February 28, 2025, Engelson & Associates, Ltd. (E&A) detected unusual activity involving an employee's email account. Upon discovery, immediate measures were taken to secure the email environment, and independent cybersecurity experts were engaged to investigate the incident and assess whether any sensitive information had been compromised. The investigation determined that an unauthorized actor accessed an E&A employee’s email account for a limited period. Given the nature of the emails contained...

Mon, April 28, 2025

Fitzgerald Auto Malls Data Breach - Investigated by Federman & Sherwood

Oklahoma City, Oklahoma (April 28, 2025) – On or around February 4, 2024, Fitzgerald Auto Malls, operated by JJF Management, detected unauthorized access to its network resulting from a cybersecurity incident that led to the exposure of certain data. Upon discovering the breach, the company promptly secured its systems and launched a comprehensive investigation with the assistance of external cybersecurity professionals. The forensic investigation confirmed that an unauthorized party had accessed or acquired specific files and folders within Fitzgerald Auto...

Mon, April 28, 2025

Silgan Holdings Inc. Data Breach - Investigated by Federman & Sherwood

Oklahoma City, Oklahoma (April 28, 2025) – On February 15, 2024, Silgan detected suspicious activity involving certain computer systems. In response, Silgan took immediate action to secure its network and initiated an investigation to assess the nature and extent of the incident. The investigation confirmed that an unauthorized party accessed specific files and folders within Silgan’s systems and copied certain information between February 2, 2024, and February 16, 2024. Silgan then conducted a comprehensive review to determine whether the affected...

Mon, April 28, 2025

Northern California Children’s Therapy Center (NCCTC) Data Breach - Investigated by Federman & Sherwood

Oklahoma City, Oklahoma (April 28, 2025) – On March 16, 2025, an unauthorized third party exploited a vulnerability in Northern California Children’s Therapy Center’s (NCCTC) system and gained access to certain individuals personal information stored on their system. Upon discovering the breach, NCCTC took immediate action to secure the system and prevent any further access. By March 19, 2025, the technical issue was resolved, and the platform was fully secured. Since the incident, NCCTC has conducted a comprehensive internal review...