HIPAA Breach News

Data Breaches Reported by Neurology and Fertility Centers in Nevada and California

Neurology Center of Nevada Cyberattack Impacts 11,700 Patients

The Neurology Center of Nevada (NCNV), in Henderson, NV, has confirmed a data security event was detected on July 17, 2022, which rendered certain computer systems inaccessible. Prompt action was taken to secure its systems and an investigation was launched to determine the nature and scope of the security breach, with assistance provided by third-party cybersecurity experts. The investigation confirmed that the threat actors behind the attack had access to its systems for more than a month between June 12, 2022, and July 17, 2022, and during that time, files on its systems were subjected to unauthorized access.

The compromised files contained full names, addresses, dates of birth, gender, driver’s license numbers, Social Security numbers, health insurance information, and medical information, such as diagnosis/treatment information, lab results, and medications. Affected individuals have been notified by mail and advised to monitor their accounts, credit reports, and explanation of benefits statements for unusual activity. NCNV said additional administrative and technical safeguards have been implemented to protect against future security breaches.

The breach has been reported to the HHS’ Office for Civil Rights as affecting up to 11,700 patients.

Northern California Fertility Medical Center Notifies Patients About Attempted Ransomware Attack

Sacramento, CA-based Northern California Fertility Medical Center (NCFMC) has recently announced that it detected and stopped an attempted ransomware attack on its network. The attack was detected on July 24, 2022, and immediate action was taken to contain the attack, secure its systems, and eject the threat actors from its network. A third-party cybersecurity company was engaged to assist with the investigation and incident response and determine the extent and scope of the breach.

NCFMC said no evidence was found to indicate there had been any misuse of patient data, but during the time of unauthorized access to its systems, some sensitive data was exposed, including names and the statuses of ultrasounds performed at NCFMC, and/or cryopreserved tissue stored at NCFMC. No Social Security numbers or financial information were stored on the systems accessed in the attack.

NCFMC said it has altered its tools, policies, and procedures relating to the security of its systems and servers. Complimentary credit monitoring and identity theft protection services have been offered to affected individuals through CyberScout.

It is currently unclear how many individuals have been affected by the incident.

2,000-Record Data Breach Reported by The Coeur Group

Cynthia Paul, M.D., LLC, a psychiatrist doing business as The Coeur Group, in Omaha, NE, has notified 2,020 patients that some of their protected health information has potentially been accessed by an unauthorized individual who gained access to an employee’s email account. The unauthorized access was detected on July 26, 2022, with the investigation confirming the breach occurred between June 7, 2022, and July 12, 2022.

A comprehensive review of the affected email account confirmed it contained patient information such as names, addresses, dates of birth, and other demographic information, health insurance information, and limited clinical information, such as provider names, diagnoses/conditions, and medication information. A limited number of individuals also had their Social Security numbers and credit card information exposed.

In response to the breach, new authentication requirements have been implemented, including multifactor authentication, network procedures have been strengthened, firewalls have been enhanced, and additional alerts have been set up to warn about potential unauthorized access. Affected individuals have been offered a one-year membership to a credit monitoring service.

The post Data Breaches Reported by Neurology and Fertility Centers in Nevada and California appeared first on HIPAA Journal.

More Than 233,000 Patients Affected by Cyberattack on FMC Services

FMC (Family Medicine Centers) Services, an Amarillo, TX-based network of primary care clinics in Amarillo and Canyon, has recently announced it was the victim of a hacking incident that was detected and blocked on July 26, 2022. A forensic investigation was conducted by a third-party cybersecurity firm to determine the nature and scope of the attack. That investigation did not uncover any evidence to suggest the cyberattack was conducted with a view to misusing patient information; however, files containing patients’ protected health information were exposed and may have been viewed. FMC Services said that at the time of issuing notifications to affected individuals, it had not been made aware of any cases of identity theft or other misuses as a result of the incident.

A comprehensive review of the exposed files confirmed they contained information such as names, mailing addresses, birth dates, and Social Security numbers, and potentially other types of protected health information. Affected individuals have been offered a complimentary membership to an identity theft monitoring service as a precaution.

FMC Services said cybersecurity is taken very seriously and steps are continuously made to improve security to protect against evolving cyber threats, and appropriate actions will be taken in response to this data security incident to further improve its security posture. The incident was reported to the HHS’ Office for Civil Rights as affecting up to 233,948 patients.

Geisinger & Seattle Children’s Hospital Affected by Ransomware Attack on Mail Service Vendor

Danville, PA-based Geisinger Health System and Seattle Children’s Hospital in Washington have both announced that they have been affected by a ransomware attack on their mail service vendor, Kaye-Smith.

Geisinger uses VisitPay for its online billing services, and VisitPay uses the marketing vendor Kaye-Smith. In late May 2022, Kaye-Smith suffered a ransomware attack that rendered data in its systems unavailable. After conducting an investigation into the attack and a risk assessment, Kaye-Smith determined that the threat actors behind the attack potentially accessed and obtained files that contained information provided by its clients for use in marketing and communications campaigns.

Geisinger and Seattle Children’s were notified in September that the data of their patients had potentially been compromised. Geisinger said names, addresses, medical record numbers, dates of service, and payment installment plans had potentially been compromised. Seattle Children’s said the breach involved names, addresses, provider names, medical record numbers, visit details, lab information, guarantor numbers, and the names of insurance carriers.

Kaye-Smith, Geisinger, and Seattle Children’s said they are unaware of any cases of misuse of patient data as a result of the incident. Geisinger and Seattle Children’s are working with Kaye-Smith to ensure new safeguards are implemented to prevent further security breaches, and Kaye-Smith has offered credit monitoring services to affected individuals.

The breach was reported to OCR as affecting 6,750 Seattle Children’s Hospital patients and 2,857 Geisinger patients.

Johnson Memorial Hospital Victim of Malware Attack

Johnson Memorial Hospital in Stafford Springs, CT, part of Trinity Health of New England, has recently announced that the personal and protected health information of some of its patients has been exposed as a result of a malware infection at the Hartford, CT-based law firm, Reid and Riege.

The law firm detected the security breach on March 21, 2022, with the investigation confirming its systems were subjected to unauthorized access between March 21 and March 27, 2022. Johnson Memorial Hospital was notified about the incident on May 27, 2022. At the time of writing, it is unclear how many patients have been affected or the types of information potentially compromised in the attack.

Magellan Health Settles Class Action Data Breach Lawsuit for $1.43 Million

Magellan Health has agreed to settle a class action data breach lawsuit and will create a $1.43 million fund to cover claims from patients affected by the breach.

The lawsuit – Dearing v. Magellan Health Inc. et al. – was filed in the Arizona Superior Court against Magellan Health Inc. and Magellan RX Management, LLC on behalf of patients whose protected health information was exposed in a May 2019 phishing attack. Unauthorized individuals gained access to emails and email attachments that contained patients’ protected health information, including names, Social Security numbers, and health information. Approximately 273,000 individuals were affected and had their protected health information exposed.

The plaintiffs alleged the defendants failed to implement appropriate cybersecurity measures to prevent unauthorized access to sensitive patient data and that, had those safeguards been implemented, the data breach would have been prevented. The plaintiffs alleged the security failures were in violation of the Health Insurance Portability and Accountability Act, although the lawsuit was filed over the violation of state laws.

The plaintiffs also took issue with how Magellan Health handled the data breach and the delay in issuing notifications. The phishing attack occurred in May 2019, was not detected until July 2019, and notification letters were not sent to affected individuals until November 2019, 6 months after the attack. Had notifications been issued sooner, the plaintiffs argued that they could have taken steps to protect against identity theft and fraud.

The decision was taken to settle the lawsuit to prevent further legal costs and to avoid the uncertainty of trial. The defendants made no admission of wrongdoing and do not accept any liability for the data breach. Under the terms of the settlement, $1.43 million will be made available to cover claims from the class members.

All class members are entitled to submit claims of up to $225 to cover ordinary out-of-pocket expenses, such as the costs of credit reports, telephone calls, and Internet usage, and up to two hours of lost time at $15 per hour. Class members that have incurred costs related to credit monitoring and fraud resolution may also be able to claim back those costs. Claims may be submitted for extraordinary losses up to $2,500, such as monetary losses due to fraud and identity theft, as well as a further 3 hours of lost time at $15 per hour. Those claims must be supported by appropriate documentation.

Class members have until November 15, 2022, to exclude themselves or object to the settlement. The final approval hearing for the settlement is December 2, 2022, and all claims must be submitted by December 15, 2022.

Physicians Business Office Reports Data Breach Affecting 196,573 Individuals

Physicians Business Office (PBO), a Parkersburg, WV-based provider of medical practice management and administrative services, has recently disclosed a security incident that occurred in April 2022. PBO detected unusual activity within its network and took immediate steps to isolate the affected systems and prevent further unauthorized access. A third-party computer forensics company was engaged to determine the nature and scope of the breach and assist with the incident response.

The forensic investigation confirmed files were present on the compromised systems that contained the protected health information of certain individuals, including names, home addresses, dates of birth, Social Security numbers, driver’s license numbers, medical treatment and diagnosis information, disability codes, prescription information, and health insurance account information. Those files were potentially accessed and may have been copied from its systems.

PBO said the review of the files on its systems took until June 30, 2022, and the affected healthcare provider clients were notified about the breach on July 26, 2022. Consent was then obtained to send notification letters on behalf of the affected healthcare provider clients, and work commenced on obtaining up-to-date contact information for the affected individuals. That process was completed on September 16, 2022, and notification letters were sent shortly thereafter. Affected individuals have been offered complimentary credit and identity monitoring services. PBO said it has now implemented additional security measures to reduce the risk of future breaches.

The data breach has been reported to the HHS’ Office for Civil Rights as affecting up to 196,573 individuals.

Data Breach Affects More than 58,500 Reelfoot Family Walk-In Clinic Patients

Dyersburg Family Walk-In Clinic, doing business as Reelfoot Family Walk-In Clinic in Dyersburg, TN, has recently notified 58,562 patients that some of their protected health information has been acquired by unauthorized individuals who gained access to its computer systems.

Suspicious activity was detected in its computer systems on July 24, 2022, and immediate action was taken to investigate and mitigate the activity. Third-party forensics specialists were engaged to investigate the breach and confirmed that the attackers had access to its systems between July 10, 2022, and August 14, 2022, and during that time certain files were exfiltrated from its systems.

The review of all files potentially accessed was completed on September 16, 2022. Reelfoot said the information that was subjected to unauthorized access included names, Social Security numbers, dates of birth, full home addresses, diagnoses, disability codes, lab results, medications, medical records, other treatment information, driver’s license numbers, financial account information, claims information, patient IDs and other identifiers, and other billing information.

Reelfoot said it is working on improving the security of its systems and will be providing further security awareness training to its workforce. Affected individuals have been offered complimentary credit monitoring services for 12 months.

Humana Members Impacted by Choice Health Data Breach

Humana has recently announced that the protected health information of 22,767 individuals has potentially been compromised in a security incident and data breach at one of its business associates – Choice Health – which Humana used to sell Medicare products on its behalf. On May 18, 2022, Choice Health learned that a Choice Health database was accessible over the Internet, with the investigation confirming the misconfiguration was caused by a third-party service provider.

An unauthorized individual gained access to the database, removed certain database files, and threatened to publicly release the stolen data. The exposed database was detected by Choice Health on May 14, 2022, with the theft of database files identified on May 18. The unauthorized access and data theft occurred on or around May 7, 2022.

Initially, it was thought that the breach was limited to Choice Health lead generation and marketing information; however, further investigations confirmed that the data of some of its carrier partners had also been compromised, including first and last names, Social Security numbers, Medicare beneficiary identification numbers, dates of birth, addresses, other contact information, and health insurance information.

Choice Health worked with its service provider to ensure the database was secured and additional data security measures have been implemented to prevent similar occurrences in the future. Complimentary memberships to credit monitoring and identity theft protection services have been offered to affected individuals.

Tessie Cleveland Community Services Corp Reports Email Account Breach

The Los Angeles, CA-based mental health clinic, Tessie Cleveland Community Services Corp (TCCSC), has recently announced that an unauthorized third party gained access to the email accounts of some of its employees and potentially viewed or obtained the protected health information of patients.

TCCSC identified the unauthorized access on July 20, 2022, and, assisted by a cybersecurity firm, it was confirmed that the email accounts were compromised between June 17, 2022, and June 30, 2022. The investigation suggested the attackers were not interested in obtaining patient information; rather, this was an attempted business email compromise attack to commit business fraud against TCCSC. However, the theft of patient data could not be ruled out.

The review of the compromised email accounts confirmed they contained information such as names, demographic information, health insurance identification numbers, limited information regarding care at Tessie, and in some instances, Social Security numbers. Up to 9,747 patients have been notified that their information has been exposed. Credit monitoring services have been offered to eligible individuals.

Email Accounts Breached at Easterseals-Goodwill Northern Rocky Mountain

Easterseals-Goodwill Northern Rocky Mountain, a Great Falls, MT-based provider of services to children and adults with disabilities, has announced a breach of eight employee email accounts and the exposure of the protected health information of 3,886 patients.

Easterseals-Goodwill did not state in its notification letters when the unauthorized access was discovered but said the forensic investigation concluded on July 20, 2022, and determined the email accounts were accessed by an unauthorized individual between October 12, 2021, and November 11, 2021. The email accounts contained names, Social Security numbers, and other personal information, but did not involve its marketing email subscriber list, store transaction information, or donor information.

Notifications were sent to affected individuals on September 16, 2022. Complimentary credit monitoring services have been offered to individuals who had their Social Security numbers exposed. Internal controls have been augmented to prevent similar breaches in the future.

Cyberattacks Reported by Wolfe Clinic, Reiter Affiliated Companies, & SERV Behavioral Health System

Wolfe Clinic, P.C., in Iowa has recently confirmed that it was affected by the data breach at the electronic medical record provider, Eye Care Leaders. The attack exposed the protected health information of 542,776 current and former Wolfe Clinic patients.

Wolfe Clinic used the myCare Integrity medical records platform, which was accessed by an unauthorized party on or around December 4, 2021, who deleted databases and system configuration files. A forensic investigation of the security incident was conducted but the deletion of files meant there was a lack of forensic evidence, so it was not possible to determine whether the PHI of Wolfe Clinic patients was accessed or acquired in the attack. Wolfe Clinic said names, addresses, birth dates, Social Security numbers, diagnostic information, and health insurance information were potentially compromised.

At the time of issuing notifications, Wolfe Clinic had not received any reports of identity theft and fraud related to the Eye Care Leaders data breach. Affected individuals have been offered 12 months of complimentary credit monitoring and identity theft protection services.

The Eye Care Leaders data breach is known to have affected at least 40 eye care providers and resulted in the exposure of the PHI of at least 3.6 million patients.

Reiter Affiliated Companies Reports June 2022 Cyberattack

Reiter Affiliated Companies, the largest fresh, multi-berry producer in the world, has recently confirmed that an unauthorized third party gained access to its network between June 25, 2022, and July 4, 2022. The attack was detected on July 4, 2022, when certain systems were made unavailable. Prompt action was taken to secure its systems to prevent further unauthorized access, and an investigation was launched to determine the nature and scope of the attack. The forensic investigation confirmed that files had been exfiltrated from its systems during the period of unauthorized access, and those files included Health and Wellness Plan enrollment rosters that contained plan member names, dates of birth, and Social Security numbers.

Affected individuals have been notified by mail and have been offered complimentary credit monitoring and identity theft protection services. Reiter Affiliated Companies said steps have been taken to improve security to prevent further data breaches in the future.

The breach has been reported to the HHS’ Office for Civil Rights by Reiter Affiliated Companies, LLC as affecting 45,000 individuals, and by the Reiter Affiliated Health and Welfare Plan as affecting 45,000 individuals.

SERV Behavioral Health System Confirms May 2022 Cyberattack

SERV Behavioral Health System in New Jersey has recently announced that it was the victim of a cyberattack in which the protected health information of 8,110 individuals was potentially compromised. The health system said the attack was detected on May 27, 2022, with the forensic analysis concluding on August 4, 2022. SERV said it found no evidence that any patient information was viewed or obtained in the attack, but it was not possible to rule out the possibility of data theft. The review confirmed that the files potentially accessed included names, contact information, Social Security numbers, driver’s license numbers, and health information.

Affected individuals have now been notified by mail and steps have been taken to improve security to prevent further attacks of this nature. The Hive ransomware gang claimed responsibility for the attack.

Lubbock Heart & Surgical Hospital and NorthStar Healthcare Consulting Disclose Cyberattacks

Lubbock Heart & Surgical Hospital in Texas has recently announced it was the victim of a hacking incident that resulted in disruption to the operations of some of its IT systems. The cyberattack was detected by the hospital on July 12, 2022, and immediate action was taken to contain the incident and prevent further unauthorized access, and forensics experts were engaged to determine the nature and scope of the attack. The investigation confirmed its systems were accessed by the attackers between July 11 and July 12, but it was not possible to determine if any files containing patient information had been accessed or copied from its systems.

The files potentially accessed included patient information such as names, contact information, demographic information, dates of birth, Social Security numbers, diagnosis and treatment information, prescription information, medical record numbers, provider names, dates of service, and health insurance information.

Lubbock Heart & Surgical Hospital said security safeguards and technical measures have been enhanced to prevent further security incidents. Notification letters were sent to the 23,379 affected individuals on September 9, 2022. Complimentary credit monitoring and identity theft protection services have been offered to individuals who had their Social Security numbers exposed.

NorthStar Healthcare Consulting Data Breach Affects 18,354 Patients

Alpharetta, GA-based NorthStar Healthcare Consulting, a business associate supporting Optum Rx, which provides pharmacy benefit management services to the Georgia Department of Community Health, Medical Assistance Plans Division, has reported a breach of an employee email account and the exposure of sensitive patient information.

According to the breach notice submitted to the Vermont Attorney General, suspicious activity was detected in the email account on April 20, 2022. Third-party forensic investigators were engaged to investigate the incident and confirmed the email account had been accessed by an unauthorized individual, but it was not possible to confirm which, if any, emails containing protected health information had been accessed, or if emails had been copied. The investigation concluded on July 15, 2022, and work began on obtaining up-to-date contact information to issue notifications.

NorthStar Healthcare Consulting said the emails contained names, addresses, birth dates, Medicaid numbers, medication names, prescriber names, and appeal numbers, and for a limited number of patients, brief notes on diagnosis and related symptoms. NorthStar Healthcare Consulting said steps have been taken to improve email security and complimentary credit monitoring and identity theft protection services have been offered to affected individuals.

The incident has been reported to the HHS’ Office for Civil Rights as affecting 18,354 individuals.

Data Breaches Reported by Physicians’ Spine and Rehabilitation Specialists of Georgia and One Medical Inc.

The Physicians’ Spine and Rehabilitation Specialists of Georgia (PSRSG) has notified 38,765 patients that some of their protected health information has potentially been compromised in a cyberattack that occurred on or around July 11, 2022. A team of external cybersecurity experts was engaged to assist with the investigation and remediation efforts, and its systems were successfully restored within a few days without causing any material delays to clinical care.

PSRSG said numerous security measures had been implemented prior to the attack, but the attackers were able to circumvent those defenses. Steps have since been taken to enhance security to prevent similar breaches in the future. The forensic investigation confirmed the attacker had access to its systems for around a week before the intrusion was detected and blocked.

It was not possible to determine which files were accessed or if any sensitive information was stolen in the attack, but the attacker claimed to have stolen sensitive data from its systems and threatened to release that information publicly. A review of the files on the compromised systems confirmed they contained protected health information, which included names, birth dates, contact information, Social Security numbers, driver’s license numbers, treatment information, guarantor information, and insurance information. The types of data in the files varied from individual to individual. PSRSG said affected individuals have been notified and offered free credit monitoring and identity theft insurance through Experian, “solely to give patients peace of mind.”

One Medical, Inc. Confirms Hacking Incident and Potential Data Breach

The Sherman, TX-based healthcare provider, One Medical Inc., has recently confirmed that it was the victim of a cyberattack in which names, addresses, medical information, and Social Security numbers were potentially compromised. The data breach was reported to the Attorney General of Texas on September 9, 2022, as a hacking incident. Limited information is currently available, but the breach appears to have affected at least 964 Texas residents.

This is the second data breach to have hit the firm in the past year or so. In July 2021, One Medical reported an email error in which the PHI of 1,009 individuals was impermissibly disclosed.
