It was just less than a week ago that I told you about a data breach at NextGen healthcare, an electronic health record software company which recently notified a million patients that their personal data had been stolen in a major data breach that apparently occurred between March 29th and April 14th of this year.  That particular data breach is extremely serious because the information stolen included names, dates of birth, Social Security numbers, and home addresses.  Now, I must inform you of an even larger data breach again in the healthcare industry.  This time the victim of the data breach is the national pharmacy network PharMerica. which is now sending out notification letters to more than 5.8 million people informing them that their data was compromised in a data breach that occurred in March, but is only now being disclosed.

The PharMerica data breach is serious because among the personal information stolen was names, addresses, birth dates, Social Security numbers, health insurance information and medical information.  This sensitive data puts PharMerica’s customers in serious danger of identity theft.  In an unusual twist, some of the information stolen relates to deceased people who were customers of PharMerica.  Identity theft of dead people can still create problems.  Here is a link to a Scam of the day in which I discussed this form of identity theft and what you need to do to correct the problem.

As I have reminded you many times, we are only as safe and secure as the security of the companies, government agencies and websites that have our personal information.  Even if you are extremely diligent in protecting your personal information, you can be in danger of identity theft and scams if your personal information falls into the hands of hackers.

So what can you do to protect yourself from these data breaches that will be occurring?


One important lesson is to limit the amount of personal information that you provide to companies and websites whenever possible.  For example, your pharmacy doesn’t need your Social Security number for its records.  This is particularly significant because health care providers are the biggest targets for data breaches.

You should make sure that you have a unique password for each of your online accounts so that if one of your passwords is compromised in a data breach, all of your accounts will not be in danger.  If your information is compromised in a data breach, you should immediately change the password for that account.

If you have not already done so, set up dual factor authentication for each of you accounts where it is available. This will protect you from having those accounts stolen by someone who may have access to your password.

Freezing your credit is also something everyone should do.  It is free and easy to do.  In addition, it protects you from someone using your identity to obtain loans or make large purchases even if they have your Social Security number.  If you have not already done so, put a credit freeze on your credit reports at all of the major credit reporting agencies.  Here are links to each of them with instructions about how to get a credit freeze:

If you are not a subscriber to and would like to receive daily emails with the Scam of the day, all you need to do is sign up for free using this link.