HIPAA Breach News

August 2025 Healthcare Data Breach Report

There has been a 13.7% month-over-month increase in large healthcare data breaches, with 58 breaches affecting 500 or more individuals reported to the HHS’ Office for Civil Rights in August, slightly lower than the 2025 average of 63.5 large healthcare data breaches per month.

Individuals affected by healthcare data breaches in the past 12 months

August healthcare data breaches (2020-2025)

Since 2009, the number of reported healthcare data breaches has generally increased each year, although there was a slight reduction in data breaches last year (746 in 2023 vs. 739 in 2024), and that trend appears to be continuing this year. HIPAA-regulated entities have reported 508 large healthcare data breaches in the year to August 31, 2025, compared to 515 large healthcare data breaches over the corresponding period in 2024.

Individuals affected by healthcare data breaches in the past 12 months

Individuals affected by healthcare data breaches in August (2020-2025)

For the second consecutive month, the number of individuals affected by healthcare data breaches has fallen. Across the 58 data breaches, the protected health information of 3,789,869 individuals was exposed or impermissibly accessed/disclosed. On average, 5,084,784 individuals have been affected by healthcare data breaches each month this year (median 3,583,200 individuals).

The number of affected individuals is down 84.7% for the year to date compared to 2024, although in July last year, Change Healthcare reported its gargantuan data breach, which we now know affected 192.7 million individuals. Even discounting that data breach as an outlier, there has been a considerable fall in the number of individuals affected by healthcare data breaches this year, down 43.93% from 2024 and 60.9% from the same period in 2023. Further information on healthcare data breaches can be found on our healthcare data breach statistics page.

The Biggest Healthcare Data Breaches in August 2025

There were only 13 data breaches affecting 10,000 or more individuals in August, the largest of which was a ransomware attack on the kidney dialysis company DaVita. That breach affected 2,689,826 individuals, 71% of the total affected individuals in August. The Interlock ransomware group claimed responsibility for the attack. Vital Imaging Medical Diagnostic Centers (VIMDC) in Florida experienced the second-largest data breach, with up to 260,000 individuals affected. While data theft was not confirmed, VIMDC said data theft was likely. Three of the four largest healthcare data breaches in August were ransomware attacks. Aspire Rural Health System and Highlands Oncology Group also fell victim to ransomware attacks.

| Name of Covered Entity | State | Covered Entity Type | Individuals Affected | Cause of Breach |
|---|---|---|---|---|
| DaVita Inc. | CO | Healthcare Provider | 2,689,826 | Ransomware attack – Data theft confirmed (Interlock) |
| Vital Imaging Medical Diagnostic Centers, LLC | FL | Healthcare Provider | 260,000 | Hacking incident – Data theft suspected |
| Aspire Rural Health System | MI | Healthcare Provider | 138,386 | Ransomware attack – Data theft confirmed (BianLian) |
| Highlands Oncology Group PA | AR | Healthcare Provider | 111,766 | Ransomware attack (Medusa) |
| University of Iowa Community Home Care | IA | Healthcare Provider | 109,029 | Hacking incident – Data theft confirmed |
| University of Iowa Health Care | IA | Healthcare Provider | 101,875 | Hacking incident – Data theft confirmed |
| CPAP Medical Supplies and Services Inc. | FL | Healthcare Provider | 90,133 | Hacking incident |
| Langdon & Company, LLP Certified Public Accountants | NC | Business Associate | 46,061 | Hacking incident – Data theft confirmed |
| Pediatric Otolaryngology Head & Neck Surgery Associates, P.A. | FL | Healthcare Provider | 43,446 | Hacking incident |
| MDLand International Corporation | NY | Business Associate | 22,586 | Ransomware attack |
| Beech Acres Parenting Center | OH | Healthcare Provider | 19,315 | Hacking incident |
| Pacific Imaging Management, LLC | CA | Healthcare Provider | 13,158 | Compromised email accounts |
| West Texas Oral Facial Surgery | TX | Healthcare Provider | 11,151 | Hacking incident |

The number of data breaches affecting 10,000 or more individuals, currently 13, could well grow over the coming weeks, as 11 data breaches were reported in August that had suspected placeholder figures of 500 or 501 affected individuals. These figures are commonly used when the number of affected individuals has not been determined by the reporting deadline of the HIPAA Breach Notification Rule.

| Name of Covered Entity | State | Covered Entity Type | Individuals Affected | Type of Breach |
|---|---|---|---|---|
| Meridian Valley Laboratories, Inc. | WA | Healthcare Provider | 501 | Hacking/IT Incident |
| Department of Social Services for Vance County, North Carolina | NC | Business Associate | 501 | Hacking/IT Incident |
| CareTracker, Inc. | NY | Business Associate | 501 | Hacking/IT Incident |
| Mower County Health and Human Services | MN | Healthcare Provider | 501 | Hacking/IT Incident |
| PROVAIL | WA | Healthcare Provider | 501 | Hacking/IT Incident |
| Woodlawn Hospital | IN | Healthcare Provider | 500 | Hacking/IT Incident |
| McEwen & Associates | TX | Business Associate | 500 | Hacking/IT Incident |
| McEwen & Associates | TX | Business Associate | 500 | Hacking/IT Incident |
| McEwen & Associates | TX | Business Associate | 500 | Hacking/IT Incident |
| Aflac Incorporated (“Aflac”) | GA | Health Plan | 500 | Hacking/IT Incident |
| Friesen Group | CA | Healthcare Provider | 500 | Hacking/IT Incident |

Causes of August 2025 Healthcare Data Breaches

Hacking and other IT incidents dominated the August breach reports, accounting for 87.9% of the month’s data breaches (51 data breaches). Across those breaches, the protected health information of 3,635,101 individuals was exposed or impermissibly accessed or disclosed – 95.9% of the individuals affected by data breaches in August. The average breach size was 71,276 records, and the median breach size was 3,569 records.

Causes of August 2025 healthcare data breaches

There were 7 unauthorized access/disclosure incidents affecting a total of 154,768 individuals. The average breach size was 22,110 records, and the median breach size was 3,215 records. No loss or theft incidents have been reported for five months, and there have been no improper disposal incidents for three months. The most common location of breached protected health information was network servers, followed by email accounts.

Location of breached protected health information in August 2025

Affected HIPAA-Regulated Entities

In August, 44 data breaches were reported by healthcare providers, affecting 3,698,013 individuals, 12 data breaches were reported by business associates, affecting 88,141 individuals, and 2 data breaches were reported by health plans, affecting 3,715 individuals. When a data breach occurs at a business associate, it is ultimately the responsibility of the affected covered entities to report the breach, although that responsibility is often delegated to the business associate. Since some covered entities choose to report business associate breaches themselves, the above figures do not accurately show where the data breach occurred. The charts below are based on the entity that experienced the data breach rather than the entity that reported the incident.

Data breaches at HIPAA-regulated entities in August 2025

Individuals affected by data breaches at HIPAA-regulated entities in August 2025

Geographical Distribution of August 2025 Healthcare Data Breaches

California was the worst-affected state with 7 large data breaches reported by HIPAA-regulated entities based in the state, closely followed by Florida and Texas with 6 data breaches. In August, HIPAA-regulated entities in 23 states reported large data breaches.

| State | Breaches |
|---|---|
| California | 7 |
| New York & Texas | 6 |
| Florida | 5 |
| Indiana, North Carolina & Washington | 3 |
| Arkansas, Connecticut, Georgia, Iowa, Massachusetts, Michigan, Minnesota, Utah & Wisconsin | 2 |
| Arizona, Colorado, Illinois, Mississippi, Montana, Nebraska & Ohio | 1 |

While California had the most breaches, the state ranked 8th in terms of the number of affected individuals. New York ranked 7th, and Texas ranked 9th. Only one data breach was reported by a Colorado-based entity, but it was the largest data breach of the month, ensuring the state ranked top in terms of affected individuals.

| State | Records |
|---|---|
| Colorado | 2,689,826 |
| Florida | 405,348 |
| Iowa | 210,904 |
| Michigan | 139,401 |
| Arkansas | 114,257 |
| North Carolina | 50,584 |
| New York | 44,882 |
| California | 33,873 |
| Texas | 20,848 |
| Ohio | 19,315 |
| Connecticut | 8,428 |
| Montana | 8,255 |
| Wisconsin | 8,006 |
| Indiana | 6,097 |
| Massachusetts | 5,896 |
| Washington | 4,866 |
| Utah | 4,195 |
| Georgia | 4,069 |
| Arizona | 2,916 |
| Minnesota | 2,767 |
| Nebraska | 2,544 |
| Mississippi | 1,541 |
| Illinois | 1,051 |

HIPAA Enforcement Activity in August 2025

It has been a busy year of HIPAA enforcement with 19 investigations resulting in settlements or civil monetary penalties to resolve noncompliance with the HIPAA Rules, including one new enforcement action announced in August. BST & Co. CPAs, LLP, is a public accounting, business advisory, and management consulting firm based in New York. OCR launched an investigation of the company following a report of a December 2019 ransomware attack by the Maze ransomware group involving unauthorized access to the protected health information of up to 170,000 patients of its covered entity client Community Care Physicians P.C., a New York medical group. The ransomware attack started with a phishing email. OCR was not provided with any evidence to show that a risk analysis had ever been conducted. The alleged HIPAA violation was settled with BST & Co. CPAs agreeing to pay a $175,000 financial penalty and adopt a corrective action plan. You can find out more about OCR’s HIPAA enforcement actions on our HIPAA violation cases page.

State attorneys general can also investigate HIPAA breaches and impose financial penalties for noncompliance, although there were no announcements by state attorneys general in August. State attorneys general HIPAA enforcement actions can be found on this link.

The post August 2025 Healthcare Data Breach Report appeared first on The HIPAA Journal.

New Jersey Medical Groups Warn Patients About Data Breach

Two New Jersey medical groups have notified patients that their data may have been compromised in a recent security incident. Family & Community Services in Ohio is investigating a cyberattack that exposed patient data.

Passaic Hospitalist Services/ Passaic River Physicians, New Jersey

Legal counsel for two New Jersey medical groups, Passaic Hospitalist Services and Passaic River Physicians, has notified patients that some of their protected health information has potentially been stolen in a recent data security incident.

Suspicious activity was identified within its computer systems, and an investigation was launched to determine the cause of the activity, which revealed unauthorized access and acquisition of files from certain systems between May 22 and May 23, 2025. A review was conducted of all files on the compromised parts of the network, and it was determined on September 11, 2025, that protected health information was involved, including names, dates of birth, addresses, diagnosis information, provider names, dates of service, treatment information, and/or health insurance information.

Notification letters are now being mailed to the affected individuals. The incident is not yet shown on the HHS’ Office for Civil Rights website, so it is currently unclear how many individuals have been affected.

Family & Community Services, Ohio

Family & Community Services Inc., a social services organization in Ravenna, Ohio, has recently written to its clients to inform them about the potential theft of some of their personal data. On May 22, 2025, Family & Community Services identified activity within its computer systems indicative of unauthorized access. Third-party cybersecurity experts were engaged to investigate the activity and confirmed unauthorized access to its computer systems.

The investigation and data review are ongoing, and Family & Community Services has not yet determined the number of individuals affected or the exact types of data involved. Notification letters will be mailed to the affected individuals when the file review is completed. The letters will detail the types of data involved. In the meantime, clients have been advised to remain vigilant against incidents of identity theft and fraud. Family & Community Services said it restored operations in a safe and secure manner, and steps have been taken to enhance security. Those measures include hardening remote entry points, which indicates the likely initial access vector in the incident. Steps have also been taken to strengthen access controls.

The post New Jersey Medical Groups Warn Patients About Data Breach appeared first on The HIPAA Journal.

Goshen Medical Center Notifies 456,000 Individuals About Hacking Incident

Goshen Medical Center, a federally qualified healthcare organization serving patients in eastern North Carolina, is notifying 456,385 individuals about a recent security incident that exposed some of their personal and protected health information. Suspicious activity was identified within its computer systems on March 4, 2025. Third-party cybersecurity specialists were engaged to investigate the activity and confirmed that an unauthorized third party had access to its network, and files containing sensitive patient data may have been viewed or acquired on February 15, 2025.

A comprehensive review was conducted of the exposed files, and on September 12, 2025, Goshen Medical Center confirmed that the files contained patient names, addresses, dates of birth, Social Security numbers, driver’s license numbers, and medical record numbers. Goshen Medical Center has implemented additional safeguards to prevent similar incidents in the future and has offered the affected individuals up to 24 months of complimentary credit monitoring and identity theft protection services.

Survival Flight

Survival Flight, an Arkansas-based rapid response air & ground emergency medical service provider, experienced a cybersecurity incident on July 17, 2025, that impacted its IT systems. In an August 12, 2025, website notice, Survival Flight explained that it is currently working to determine the full extent to which patient information has been compromised, although it has been confirmed that information such as names, addresses, treatment information, and health insurance information was likely compromised in the incident.

When the review of the affected data is completed, notification letters will be mailed, and resources will be provided to help the affected patients protect their information. At the time of publishing the website notification, no misuse of patient data had been identified. Survival Flight has confirmed that it has taken steps to improve security to prevent similar breaches in the future. While the name of the threat group behind the attack was not disclosed in the notice, the Worldleaks ransomware group (formerly Hunters International) claimed responsibility for the attack and added Survival Flight to its dark web data leak site. Worldleaks claims to have leaked the full 2.8 TB of data stolen in the attack.

The post Goshen Medical Center Notifies 456,000 Individuals About Hacking Incident appeared first on The HIPAA Journal.

California Business Associate Improperly Disposed of Patient Data

Central Valley Regional Center, a Fresno, California-based state-funded provider of services to individuals with developmental disabilities, has notified patients about the recent exposure of physical documents containing their personal information. The number of affected individuals has yet to be announced.

Central Valley Regional Center employed a new vendor that provided janitorial services. In July, Central Valley Regional Center discovered that the company had been disposing of confidential documents along with regular trash. The documents had been placed in bins for confidential waste and should have been shredded. The vendor had been emptying the shredding bins and disposing of the documents in trash bags along with regular waste.

The investigation revealed that the improper disposal of documents occurred between March 2025 and July 2025 at one Central Valley Regional Center facility only. The documents likely included information such as names, addresses, dates of birth, other personal data, medical information, and Social Security numbers. The incident has been reported to law enforcement, the California Attorney General, and the California State Department of Developmental Services, and all vendor contracts have been reviewed, along with policies relating to data privacy and security protocols.

Further, steps have been taken to prevent similar incidents in the future, including adding locks to all shredding bins, restricting access to shredding bins to its approved shredding service provider, revising janitorial service procedures to provide more explicit instructions on waste disposal, adding signage regarding proper waste disposal procedures, implementing routine audits to ensure compliance with internal policies and procedures, and affirming expectations regarding confidentiality and data protection with its vendors. The affected individuals have been notified by mail and have been offered identity protection services.

Improper disposal incidents are relatively rare, yet they can result in the exposure of large amounts of PHI. The incident should serve as a warning to other healthcare organizations about the importance of providing clear instructions to service providers about their responsibilities with respect to confidential information, including service providers who may encounter physical PHI.

The post California Business Associate Improperly Disposed of Patient Data appeared first on The HIPAA Journal.

Data Breaches Announced by Community Health Network; Mid South Rehab Services

Cybercriminals have gained access to employee email accounts at Community Health Network in Indiana and Mid South Rehab Services in Mississippi and may have exfiltrated patient information.

Community Health Network, Indiana

Community Health Network, a non-profit health system with more than 200 locations and affiliates in Central Indiana, has recently notified 13,939 Indiana residents about a security incident involving unauthorized access to an employee’s email account. The intrusion was identified on February 26, 2025, and the threat was immediately contained. An investigation was launched to determine the nature and scope of the unauthorized activity, and it was confirmed that the breach was limited to a single email account, which was accessed by an unauthorized individual between February 25 and February 26, 2025.

The email account was reviewed, and on May 8, 2025, it was confirmed that the account contained patients’ protected health information. Following a comprehensive manual document review, on July 15, 2025, Community Health Network confirmed the number of individuals affected and the types of information involved. The exposed data was limited to names, dates of birth, medical information, and health insurance information, which was potentially copied from the email system. After verifying contact information, the affected individuals were notified by mail on September 12, 2025, and advised to remain vigilant against misuse of their data by checking their accounts, free credit reports, and explanation of benefits statements. Credit monitoring services do not appear to have been offered.

Mid South Rehab Services Inc., Mississippi

Mid South Rehab Services Inc., a Ridgeland, Mississippi-based provider of physical, occupational, and speech therapy services, has recently notified patients about a breach of its email environment. Unauthorized activity was identified in an employee’s email account on or around January 16, 2025. The email account was immediately secured, and an investigation was launched to determine the nature and scope of the activity. The investigation covered its entire email environment and confirmed that two email accounts had been accessed by an unauthorized third party.

The review of those accounts confirmed that emails and attachments contained patient information such as names, dates of birth, Social Security numbers, and medical/health information. The affected individuals have been advised to monitor their account statements, credit reports, and explanation of benefit statements for unusual activity. The data breach has been reported to regulators, but the incident is not yet shown on the HHS’ Office for Civil Rights breach portal, so it is currently unclear how many individuals have been affected.

The post Data Breaches Announced by Community Health Network; Mid South Rehab Services appeared first on The HIPAA Journal.

Florida Eye Care Provider Data Breach Affects 153,000 Patients

Retina Group of Florida is the latest eye care provider to report a breach of patient data. The protected health information of almost 153,000 patients was potentially compromised in a November 2024 hacking incident. Retina Group of Florida is a multi-physician, 22-office ophthalmology practice specializing in diseases of the retina. On November 9, 2024, suspicious activity indicative of an intrusion was identified in a portion of its computer network. Immediate action was taken to secure its network and contain the potential threat, and an investigation was launched to determine the nature and scope of the activity.

The investigation confirmed unauthorized network access to parts of its network starting on November 6, 2024. Over the four-day intrusion, patient data may have been copied from the network. The review of all exposed files was completed on August 18, 2025, and over the next month, contact information was verified to allow notification letters to be sent. The notification process started on September 16, 2025, and the affected individuals have been offered credit monitoring and identity theft protection services for 12 months. The HHS’ Office for Civil Rights was notified about the incident on September 9, 2025. The breach report indicates that the electronic protected health information of up to 152,691 individuals was potentially compromised.

Several other data breaches have been reported by ophthalmology practices this year, including a 107,000-record data breach at Black Hills Regional Eye Institute and a 205,000-record data breach at Asheville Eye Associates.

Hampton Regional Medical Center, South Carolina

Hampton Regional Medical Center, a general acute care hospital in Varnville, South Carolina, has warned patients that they may have had some of their personal and health data exposed in a recent cybersecurity incident. Suspicious activity was identified in its computer systems on or around July 16, 2025. An investigation was launched, and it was confirmed that an unauthorized third party had access to certain systems between June 18 and July 16, 2025. During that time, unauthorized access to patient data was possible and patient data may have been copied from its computer systems.

The exposed files are currently being reviewed to determine which patients have been affected and the types of information involved. That process has yet to be completed, so the number of affected individuals is not yet known. Currently, information known to have been exposed includes names, dates of birth, Social Security numbers, driver’s license/state identification numbers, other demographic information, and medical information.

Notification letters will be mailed to the affected individuals when the file review is concluded. In the meantime, all patients have been advised to remain vigilant against identity theft and fraud by monitoring their account statements, free credit reports, and explanation of benefits statements. Hampton Regional Medical Center is implementing additional administrative and technical safeguards to harden security and is reviewing its policies and procedures.


Teamsters Union 25 Health Services & Insurance Plan Hacking Incident Affects 19,000 Members

Teamsters Union 25 Health Services & Insurance Plan, a health and wellness benefits plan for members of Teamsters Union Local 25, a trade union representing truck drivers, warehouse workers, clerical workers, and service and technology employees, identified suspicious activity within its computer network on or around August 1, 2025, potentially indicating unauthorized access.

Third-party cybersecurity experts were engaged to investigate the activity and confirmed unauthorized access to the network. Further investigation uncovered evidence that certain data on the network was accessed and potentially copied without authorization. The data related to members of the Teamsters Union 25 Health Services & Insurance Plan and the Teamsters Union 25 Investment Plan.

The review of the affected files was completed on August 18, 2025, and notification letters were mailed to the affected individuals on September 3, 2025. The affected individuals have been offered 12-24 months of complimentary credit monitoring and identity theft protection services, and steps have been taken to enhance security to prevent similar breaches in the future. The data involved varies from individual to individual and may include names, member IDs, Social Security numbers, health information, and health insurance information. The HHS’ Office for Civil Rights was informed that the protected health information of 19,231 individuals was compromised in the incident.

Anthony L. Jordan Health Corporation

Anthony L. Jordan Health Corporation (AJHC) in Rochester, New York, has fallen victim to a phishing attack that involved unauthorized access to the email, OneDrive, and SharePoint accounts of three employees. Suspicious activity was identified in an employee’s email account on June 30, 2025. The account was immediately secured, and an investigation was launched to determine the nature and scope of the incident.

The investigation confirmed that an unauthorized actor had accessed the accounts at various times between April 30, 2025, and July 9, 2025, after the employees responded to phishing emails. The purpose of the unauthorized access appeared to be to fraudulently obtain funds from Jordan Health, rather than to obtain patient data; however, unauthorized access to patient information could not be ruled out.

The affected accounts were reviewed and found to contain patient information such as names, dates of birth, medical record numbers, provider names, dates of service, and health insurance information. In total, 2,974 patients potentially had information compromised in the incident. Jordan Health has provided additional cybersecurity awareness training to the workforce to prevent similar incidents in the future.

Sentara Health

Last week, Sentara Health notified 696 patients about a mailing incident that disclosed a limited amount of patient data. The mailing was sent to patients of a specific Sentara Behavioral Health Specialists provider to advise them of the departure of that provider from Sentara.

An error was made when compiling the list of recipients for the mailing, resulting in the mismatching of patients’ names and addresses. Letters intended for one patient were sent to a different patient, resulting in the disclosure of the patient’s name, location of the practice, and the provider’s name. Sentara Health addressed the matter with the employee in question, according to its internal policies and procedures, and has taken steps to prevent similar incidents in the future, including evaluating additional training opportunities.


Data Breaches Announced by US HealthConnect & Altos Inc.

The medical education provider US HealthConnect and the California billing services vendor Altos Inc. have recently announced cyberattacks and data breaches.

US HealthConnect

US HealthConnect, a provider of continuing medical education and promotional education to healthcare providers, has recently announced a cybersecurity incident that was identified on January 25, 2025. Suspicious activity was identified within its computer network, and third-party cybersecurity specialists were engaged to investigate to determine the nature and scope of the activity.

The investigation confirmed that an unauthorized third party had access to its network and may have obtained certain information from the affected systems, including names and Social Security numbers. After validating the results and obtaining up-to-date contact information, notification letters started to be issued on September 4, 2025.

US HealthConnect has enhanced its existing policies and procedures and implemented additional administrative and technical safeguards to protect against similar incidents in the future, and the affected individuals have been offered up to 24 months of complimentary credit monitoring and identity theft protection services. The data breach has been reported to regulators, although it is currently unclear how many individuals have been affected.

Altos Inc.

Altos Inc., a provider of medical billing, medical transcription & medical management services to healthcare providers in southern California, has discovered that an internal system containing patients’ protected health information has been accidentally exposed to the Internet.

The security error was identified on June 17, 2025. The exposed system was immediately secured, and an investigation was launched to determine how the error occurred and the information that had been exposed. On July 21, 2025, Altos determined that the exposed system contained the protected health information of 6,414 individuals, including names, addresses, dates of birth, Social Security numbers, and health information.

In addition to securing the exposed system and implementing procedures to reduce the risk of similar incidents in the future, additional security reviews have been conducted, and steps are being taken to improve its overall security posture. While there have been no reports of misuse of patient data in connection with the incident, out of an abundance of caution, the affected individuals have been offered complimentary credit monitoring and identity theft protection services.
