Ravkoo, Inc. (Ravkoo) recently announced that personally identifiable information and protected health information more than 100,000 individuals were exposed in a data breach. Ravkoo is an online prescription filling service that describes itself as a digital pharmacy and software service provider with over 400 distribution centers. Ravkoo disclosed in January 2022 that highly sensitive personal and medical information belonging to its customers was accessed by unauthorized individuals in or before September 2021. The data breach occurred when hackers targeted Ravkoo’s prescription portal, which is hosted on Amazon Web Services (AWS).
The information accessed by the hackers in the data breach includes, but is not limited to, patients’ names, addresses, email addresses, phone numbers, and prescription information.
The exposure of personally identifiable information poses a significant risk of identity theft, such as criminals opening financial accounts, taking out loans, filing fraudulent tax returns, and obtaining government services in the victim’s name. According to a recent FTC survey, the total cost of identity theft is nearly $50 billion per year, with victims losing an average of nearly $5,000 from the misuse of their personal and financial information. The exposure of protected medical information, such as prescriptions, can pose an even greater danger of identity theft. Continue reading