Fri, April 18, 2025

Hamilton Health Care System (Nationwide Recovery Service) Data Breach - Investigated by Federman & Sherwood

Oklahoma City, Oklahoma (April 18, 2025) – Nationwide Recovery Service (NRS), a third-party collection agency serving clients across the United States, including affiliates of Hamilton Health Care System’s - Hamilton Emergency Medical Services, Hamilton Physician Group, Hamilton Medical Center, and Anna Shaw Children’s Institute (collectively referred to as Vitruvian Health) - experienced a cybersecurity incident that may have impacted certain individuals personal information. It is important to note that this incident was limited solely to NRS systems. Information systems maintained...

Fri, April 18, 2025

Northeast Georgia Health System Data Breach - Investigated by Federman & Sherwood

Oklahoma City, Oklahoma (April 18, 2025) – On April 8, 2025, Northeast Georgia Health System reported a data breach to the U.S. Department of Health and Human Services, impacting an estimated 21,000 individuals across the United States. While the investigation into the incident remains ongoing, the exposure of sensitive personal and medical information could lead to significant risks for those affected. Federman & Sherwood is actively conducting an in-depth investigation into the data breach to assess its full extent, including...

Fri, April 18, 2025

Athena Cosmetics, Inc. d/b/a RevitaLash Cosmetics Data Breach - Investigated by Federman & Sherwood

Oklahoma City, Oklahoma (April 18, 2025) – On January 16, 2025, Athena identified potentially suspicious activity within its network and promptly launched an investigation, enlisting the support of independent cybersecurity experts. Through this investigation, Athena determined that certain files may have been accessed or acquired without authorization. The company subsequently conducted a thorough review of the affected data and, around April 3, 2025, discovered that the personal information of certain current and former employees and vendors may have been included...

Fri, April 18, 2025

KWS Manufacturing Company, LLC Data Breach - Investigated by Federman & Sherwood

Oklahoma City, Oklahoma (April 18, 2025) – KWS recently became aware of suspicious activity within its computer environment and promptly initiated an investigation with the support of external cybersecurity experts. The investigation revealed that an unauthorized third party accessed KWS’s computer systems between January 24 and January 25, 2025, and obtained certain company files. Following this discovery, KWS conducted a thorough review of the affected files to identify any personal information that may have been included.  KWS is notifying the...

Fri, April 18, 2025

Bunkhouse Management LLC (Bunkhouse) Data Breach - Investigated by Federman & Sherwood

Oklahoma City, Oklahoma (April 18, 2025) – Bunkhouse identified unauthorized activity within its systems and immediately launched an investigation to understand the scope of the incident. The investigation revealed that, in June 2024, an unauthorized individual likely accessed and/or copied specific files stored on Bunkhouse’s systems. The company is currently conducting a detailed review to identify the individuals whose personal information may have been included in those files and to gather accurate contact information. Although the review is still in...

Thu, April 17, 2025

Blue Cross Blue Shield of Texas (BCBSTX) Data Breach - Investigated by Federman & Sherwood

Oklahoma City, Oklahoma (April 17, 2025) – Blue Cross Blue Shield of Texas (BCBSTX) has confirmed a data breach that compromised the personal information of 12,086 Texas residents. The breach was officially reported to The Texas Attorney General and subsequently added to the state’s data breach notification database on Tuesday, April 15, 2025. According to a statement provided to the Dallas Morning News, the breach occurred through the company’s Blue Access for Members (BAM) online portal, a platform used by...

Thu, April 17, 2025

Payroll Management, Inc. Data Breach - Investigated by Federman & Sherwood

Oklahoma City, Oklahoma (April 17, 2025) – On April 8, 2025, Payroll Management experienced a cybersecurity incident. The incident occurred when a client service representative received an email from the account of a known client contact, requesting specific documentation and changes to the client's payroll account. It was later determined that the client contact's email had been compromised. Although no changes were made to the payroll account, the unauthorized party was able to obtain a copy of an employee pay...

Thu, April 17, 2025

Medical Express Ambulance Inc. (MedEx Ambulance or MedEx) Data Breach - Investigated by Federman & Sherwood

Oklahoma City, Oklahoma (April 17, 2025) – On March 18, 2024, MedEx experienced a network disruption that affected the functionality and accessibility of certain systems. Upon identifying the issue, MedEx immediately disconnected network access and engaged a specialized third-party cybersecurity firm, along with internal IT personnel, to help secure the environment and conduct a thorough forensic investigation into the incident's nature and scope. The investigation concluded that personal information may have been accessed or acquired by a threat actor. In...

Thu, April 17, 2025

The Hertz Corporation (Hertz, Dollar and Thrifty) Data Breach - Investigated by Federman & Sherwood

Oklahoma City, Oklahoma (April 17, 2025) – Hertz recently announced that Cleo Communications US, LLC (Cleo), a third-party vendor that provides a file transfer platform used by the company, experienced a data breach that may have exposed sensitive and/or personal information of certain individuals. As noted in the breach notification, Hertz was informed that data within its own systems could have been impacted due to the Cleo security incident. In response, Hertz promptly launched an internal investigation to determine the...