People Inc., one of western New York’s largest non-profit agencies, reported a data breach which has exposed sensitive medical information belonging to up to 1000 current and former clients. People Inc. offers residential care, employment assistant, community outreach programs, healthcare, and recreation schemes for seniors, the vulnerable, and both the families and those who have disabilities.
The breach was discovered on February 19, 2019, and a public notification was made on
Commentary: No organization is immune from cyber attacks, whether they are for profit or not. This is of particular concern for non-profits who may prioritize information security even less than commercial companies. This, combined with the typically low funding that exists in non-profits for IT related matters, makes them easy targets to exploit.