PurFoods data breach impacts over 1.2M people

More than 1.2 million individuals had their data compromised following a data breach at U.S. health-focused home meal delivery service PurFoods in January, which was only identified the following month, reports The Record, a news site by cybersecurity firm Recorded Future. Such a breach may have resulted in unauthorized access to individuals' names, Social Security numbers, financial account and medical details, health insurance identification numbers, passwords, and security codes but there has been no evidence suggesting misuse or further leak of sensitive user data, said PurFoods in a regulatory filing sent last week. However, a breach notification notice sent to Maine-based customers noted that an ongoing investigation into the incident revealed that aside from certain files being encrypted, PurFoods has also discovered data exfiltration tools in its network, suggesting the possibility of server data theft. Further security measures are already being planned to be implemented by the company, which also pledged to bolster cybersecurity training for its employees.