Fri, April 25, 2025

Oklahoma City, Oklahoma (April 25, 2025) – On April 15, 2025, Vanni & Humphrey began mailing data breach notification letters to individuals affected by a cybersecurity incident. According to the notice filed with the California Attorney General, the firm is offering complimentary credit monitoring services and has outlined the specific types of sensitive information involved. Vanni & Humphrey notified the California Attorney General of a data breach involving potentially sensitive and personal information, affecting certain individuals. According to the notice,...

Fri, April 18, 2025

Oklahoma City, Oklahoma (April 18, 2025) – On January 16, 2025, Athena identified potentially suspicious activity within its network and promptly launched an investigation, enlisting the support of independent cybersecurity experts. Through this investigation, Athena determined that certain files may have been accessed or acquired without authorization. The company subsequently conducted a thorough review of the affected data and, around April 3, 2025, discovered that the personal information of certain current and former employees and vendors may have been included...

Fri, April 18, 2025

Oklahoma City, Oklahoma (April 18, 2025) – KWS recently became aware of suspicious activity within its computer environment and promptly initiated an investigation with the support of external cybersecurity experts. The investigation revealed that an unauthorized third party accessed KWS’s computer systems between January 24 and January 25, 2025, and obtained certain company files. Following this discovery, KWS conducted a thorough review of the affected files to identify any personal information that may have been included.  KWS is notifying the...

Thu, April 17, 2025

Oklahoma City, Oklahoma (April 17, 2025) – Blue Cross Blue Shield of Texas (BCBSTX) has confirmed a data breach that compromised the personal information of 12,086 Texas residents. The breach was officially reported to The Texas Attorney General and subsequently added to the state’s data breach notification database on Tuesday, April 15, 2025. According to a statement provided to the Dallas Morning News, the breach occurred through the company’s Blue Access for Members (BAM) online portal, a platform used by...

Thu, April 17, 2025

Oklahoma City, Oklahoma (April 17, 2025) – On April 8, 2025, Payroll Management experienced a cybersecurity incident. The incident occurred when a client service representative received an email from the account of a known client contact, requesting specific documentation and changes to the client's payroll account. It was later determined that the client contact's email had been compromised. Although no changes were made to the payroll account, the unauthorized party was able to obtain a copy of an employee pay...

Thu, April 17, 2025

Oklahoma City, Oklahoma (April 17, 2025) – On March 18, 2024, MedEx experienced a network disruption that affected the functionality and accessibility of certain systems. Upon identifying the issue, MedEx immediately disconnected network access and engaged a specialized third-party cybersecurity firm, along with internal IT personnel, to help secure the environment and conduct a thorough forensic investigation into the incident's nature and scope. The investigation concluded that personal information may have been accessed or acquired by a threat actor. In...

Thu, April 17, 2025

Oklahoma City, Oklahoma (April 17, 2025) – On April 21, 2024, Thede Culpepper discovered unusual activity on its computer network. Upon identifying the issue, immediate steps were taken to initiate an internal investigation and contain the incident. A cybersecurity firm was engaged to conduct a further investigation and confirm the security of Thede Culpepper’s computer systems. At that time, there was no evidence of unauthorized access or acquisition of any documents. However, it was later discovered that, during the incident,...

Thu, April 17, 2025

Oklahoma City, Oklahoma (April 17, 2025) – On December 17, 2024, HPI identified unusual and suspicious activity within its network. Upon detection, the company took immediate action by initiating a thorough investigation into the source and nature of the activity. HPI engaged cybersecurity experts to assist with the analysis and response. As part of this effort, the company also implemented additional security measures to protect its network and sensitive data from further compromise. Through the investigation, it was determined that...

Thu, April 17, 2025

Oklahoma City, Oklahoma (April 17, 2025) – On or around January 7, 2025, US Claims detected suspicious activity within its network environment. Upon discovering the activity, US Claims initiated an investigation into the cybersecurity incident, retaining legal counsel and third-party forensic experts to assist in the inquiry. The company then conducted a thorough review of the data to identify any sensitive or personal information that may have been affected and to determine whose information was involved. On March 25, 2025,...

Thu, April 17, 2025

Oklahoma City, Oklahoma (April 17, 2025) – On March 13, 2025, the Hartwick College (the college) confirmed that personal information was involved in an unauthorized access incident affecting its computer environment. The incident was first identified on October 26, 2024, when the college detected suspicious activity following a temporary disruption of its network. In response, immediate steps were taken to secure the system, and an investigation was launched to determine the nature and extent of the incident, including whether any...

Thu, April 17, 2025

Oklahoma City, Oklahoma (April 17, 2025) – On February 28, 2025, Bluestone Bank experienced an administrative error that led to the unauthorized disclosure of certain personal information to another customer. Bluestone stated in the notice letter, the information was sent via encrypted email, ensuring it could not be intercepted by anyone other than the intended recipient. The email was also promptly removed from the secure email portal, preventing any further access. Additionally, the individual who received the information signed a...

Mon, April 14, 2025

Oklahoma City, Oklahoma (April 14, 2025) – On February 3, 2025, True Dental Care (True Dental) discovered that an unauthorized individual had gained access to its computer system and deployed a virus that encrypted its data.  During the incident, certain patient information was accessed and viewed by the intruder. Upon discovery, True Dental immediately engaged a leading forensic cybersecurity firm to investigate the incident, enhance system security, and prevent further unauthorized access.  True Dental reported the data breach, that affected...

Mon, April 14, 2025

Oklahoma City, Oklahoma (April 14, 2025) – Worthington Steel has reported a data breach to the U.S. Department of Health and Human Services, indicating that unauthorized access occurred on one of its network servers. Preliminary details suggest the incident was likely the result of hacking or another type of IT-related intrusion, where unauthorized individuals gained access to sensitive information through the company’s computer systems. The breach, which impacted approximately 3,864 individuals, involved protected health information associated with the company's health...

Fri, April 11, 2025

Oklahoma City, Oklahoma (April 11, 2025) – On or around March 3, 2025, Central Texas Pediatric Orthopedics (CTPO) detected suspicious activity involving its IT infrastructure, prompting an immediate response. CTPO quickly engaged third-party cybersecurity specialists to conduct a thorough investigation into the nature and scope of the security incident. The investigation confirmed that an unauthorized third party—identified as the Qilin ransomware group—had infiltrated CTPO’s systems and exfiltrated sensitive personal and protected health information. CTPO is continuing to evaluate the full...

Fri, April 11, 2025

Oklahoma City, Oklahoma (April 11, 2025) – Loretto Hospital (Loretto) became aware of suspicious activity involving its computer network and immediately launched an investigation. The findings revealed that an unauthorized actor accessed Loretto’s network between January 17, 2025, and February 1, 2025, during which time certain files were copied. A review is currently underway to determine the contents of those files and identify the individuals potentially affected. Additionally, it was determined that data entered into the electronic medical record system...

Fri, April 11, 2025

Oklahoma City, Oklahoma (April 11, 2025) – On January 8, 2024, MLG identified suspicious activity involving a firm email account and promptly launched an investigation. This included engaging third-party cybersecurity experts to help ensure a thorough and effective response. The investigation determined that an unauthorized individual had accessed the account, and certain information may have been viewed or acquired between December 26, 2023, and January 8, 2024. Following this discovery, MLG began working diligently—alongside external specialists—to identify what data may...

Fri, April 11, 2025

Oklahoma City, Oklahoma (April 11, 2025) –On or around February 19, 2025, Mercury detected suspicious activity suggesting a potential cybersecurity incident. The company took immediate action to contain the situation and reduce any potential impact. Mercury also notified law enforcement and brought in an independent cybersecurity firm to conduct a comprehensive investigation. The investigation, which was recently completed, confirmed that the incident was limited in scope and duration—occurring only between February 18 and February 19, 2025. However, on or about...

Fri, April 11, 2025

Oklahoma City, OK (April 11, 2025) – Federman & Sherwood, a nationally recognized class-action litigation firm with offices in Oklahoma City and Dallas, has launched an investigation into the potential health risks associated with the use of Depo-Provera (DP) and its generic equivalent, Depot Medroxyprogesterone Acetate (DMPA). These medications are widely prescribed as injectable birth control and are also used to regulate menstrual cycles. In higher doses, they may also be administered to treat certain forms of cancer. Recent medical...

Fri, April 11, 2025

Oklahoma City, Oklahoma (April 11, 2025) – On July 2, 2024, Unity National Bank identified suspicious activity involving an employee’s email account. A subsequent investigation, conducted in collaboration with third-party forensic experts, confirmed that unauthorized individuals had accessed the email accounts of certain employees between July 2 and July 3, 2024. After completing a thorough review of the impacted data, concluded on March 10, 2025, Unity National Bank determined that the personal information of 9,574 customers in Texas had been...

Fri, April 11, 2025

Oklahoma City, Oklahoma (April 11, 2025) – On April 10, 2025, South Plains Implement filed a notice of data breach with the Attorney General of Texas. According to the filing, approximately 1,978 Texans were affected, and notices were sent via the United States Postal Services.  There is currently very little information regarding this data breach. Federman & Sherwood is conducting a comprehensive investigation to determine the full scope of the incident, including whether additional information was compromised and the extent...

Fri, April 11, 2025

Oklahoma City, Oklahoma (April 11, 2025) – On October 27, 2024, Laboratory Services Cooperative (LSC) detected suspicious activity within its computer network. Upon identifying the unusual activity, LSC acted swiftly by engaging independent third-party cybersecurity experts to conduct a comprehensive investigation into the nature and scope of the incident. LSC also promptly notified federal law enforcement authorities to ensure appropriate oversight and coordination during the investigation. Through this investigation, it was determined that an unauthorized third party had gained access...

Fri, April 11, 2025

Oklahoma City, Oklahoma (April 11, 2025) – On January 19, 2024, Omni Healthcare experienced a network disruption that affected certain systems. Upon discovering the incident, Omni Healthcare took immediate steps to respond and launched an investigation, including engaging third-party specialists to help determine the nature and scope of the event. The investigation revealed that an unauthorized actor may have accessed limited information stored on Omni Healthcare’s network between January 18 and January 19, 2024. As a result, Omni Healthcare conducted...

Thu, April 10, 2025

Oklahoma City, Oklahoma (April 10, 2025) – CPI recently became aware of suspicious activity within its computer network. Upon discovering the activity, CPI took action to secure its systems and launched an investigation into the nature and scope of the issue, with the assistance of third-party cybersecurity and data privacy specialists. The investigation revealed that an unauthorized actor accessed CPI’s network at various times between September 12, 2024, and September 23, 2024, and viewed or copied certain information from its...

Thu, April 10, 2025

Oklahoma City, Oklahoma (April 9, 2025) – Kelly Benefits recently identified suspicious activity within its environment. In response, Kelly Benefits promptly launched an investigation, enlisting the help of third-party forensic specialists to determine the nature and extent of the activity. The investigation revealed that unauthorized access occurred between December 12, 2024, and December 17, 2024, during which certain files were copied and removed. Following this discovery, Kelly Benefits conducted a thorough review of all affected files to identify the information...

Thu, April 10, 2025

Oklahoma City, Oklahoma (April 9, 2025) – On March 12, 2025, Lee Valley Tools became aware of suspicious activity on a cloud server supporting its website. The company promptly launched an investigation, engaged cybersecurity experts, and implemented measures to secure its website and protect customer data. Although Lee Valley Tools’ systems do not receive or store credit card information (since payment details are transmitted directly to the card processor from the user’s device), the investigation determined that an unauthorized third...

Thu, April 10, 2025

Oklahoma City, Oklahoma (April 9, 2025) – On September 26, 2024, American Association of Colleges of Osteopathic Medicine detected unusual activity related to an employee email account. In response, AACOM immediately secured its email system and enlisted independent experts to conduct a thorough investigation. The investigation revealed that certain emails and attachments may have been accessed or acquired without authorization. Following this discovery, AACOM launched an in-depth review to assess the nature of the compromised information, identify the affected individuals,...

Thu, April 10, 2025

Oklahoma City, Oklahoma (April 9, 2025) – Federman & Sherwood has launched an investigation into Fidelity Life Association “Fidelity Life” following a recently reported data breach. On April 4, 2025, Fidelity Life reported a data breach to the Texas Attorney General after discovering that an unauthorized party had gained access to personal information submitted to the company. According to the notice, the breach exposed sensitive consumer data, including names, addresses, driver’s license numbers, and medical information. Following the completion of...

Wed, April 09, 2025

Oklahoma City, OK (April 8, 2025) – SoloPoint Solutions, Inc., is under investigation by Federman & Sherwood following a data breach. On January 15, 2025, SoloPoint detected suspicious activity on their server. SoloPoint enlisted the help of a cybersecurity forensics firm to investigate the incident.  Law enforcement was notified, and a complaint was filed with the U.S. Federal Bureau of Investigation's Internet Crime Complaint Center.  The forensic investigation revealed that an unauthorized third party gained access to SoloPoint Solutions’ internal...

Wed, April 09, 2025

Oklahoma City, Oklahoma (April 9, 2025) – Federman & Sherwood has launched an investigation into Harcourts Prime Properties following a recently reported data breach. On April 3, 2025, Harcourts Prime Properties officially notified the California Attorney General’s Office that their systems had been compromised. According to the company’s disclosures, on March 20, 2025, Harcourts Prime Properties first became aware of a ransom demand posted on the Dark Web. The threat was accompanied by several leaked documents, which included Agent Information...

Wed, April 09, 2025

Oklahoma City, OK (April 8, 2025) – Hebrew Home for Aged Disabled, operating as San Francisco Campus for Jewish Living (SFCJL), is under investigation by Federman & Sherwood following a data breach. On April 7, 2025, SFCJL notified the Maine Attorney General about the breach. The incident, which occurred around December 27, 2024, involved unauthorized access to an employee's email account, compromising certain individuals’ personal information. An investigation confirmed the breach, and by April 2, 2025, SFCJL had completed a...