Ravkoo, an Internet-based pharmacy service in the United States, has announced a data breach after its prescription portal may have been illegally accessed, allowing access to personal and health information.
On September 27, 2021, Ravkoo detected that this portal was the target of a cyber security attack
An unauthorized third party attempted to break into the portal. October 2021. 27, Ravkoo’s responsive forensic investigation revealed that certain prescriptions and health information may have been compromised.
The company also said that it found no evidence that it accessed customers’ Social Security numbers in the incident, and added that it did not store SSN data on the affected prescription portals.
Alpesh Patel, CEO of this online pharmacy, said in a comment posted on Ravkoo’s website that he is reporting the incident to the FBI.
In addition, Ravkoo has not received any reports of identity theft related to this data breach since September 27, the date of the incident, so there is no evidence yet that the information leaked in the incident has been misused.
The company will also provide victims with Kroll Information Assurance’s online personal information monitoring service free of charge for one year to help resolve the identity theft issues related to this data breach.
The hack was reportedly “hilariously easy” and the attackers claimed to have been able to access Ravkoo’s system using a hidden admin panel that allowed them to see all the data.
The hackers also provided records of 340,000 prescriptions filled by Ravkoo between November 3, 2020 and September 11, 2021, which equates to an estimated $8.5 million in drug costs
Comments