HIPAA Journal

MAY 25, 2022

Bryan County Ambulance Authority Ransomware Attack Affects 14,000 Patients. According to the notification letters, the attack was detected on November 24, 2021, when files on its systems were encrypted. Lifespan Services Suffers Ransomware Attack.

Ransomware 137

Ransomware Fraud HIPAA Licensing 137

HIT Consultant

NOVEMBER 12, 2024

Reduce ransomware attack surface We all know that ransomware is continuing to cause enormous financial pain for organizations that in some cases must pay up or close their doors. They are also, meanwhile, storing the data in a way that prevents any changes to the data – thwarting ransomware actors.

Ransomware 104

Ransomware Licensing Health Insurance Hospitals 104

HIPAA Journal

APRIL 28, 2022

Irvine, CA-based Smile Brands, a provider of support services for dental offices, has recently provided an update on the number of individuals affected by a ransomware attack that was discovered on April 24, 2021. The initial notice to the Maine attorney general was submitted on October 8, 2021.

Ransomware 117

Ransomware Health Insurance HIPAA Licensing 117

HIPAA Journal

MAY 16, 2022

According to the April 29, 2022, notification on the healthcare provider’s website, “We recently discovered unauthorized access to our network occurred between May 31, 2021, and June 1, 2021.” The post Refuah Health Center Alerts 260K Patients About May 2021 Cyberattack appeared first on HIPAA Journal.

Health Insurance 117

Health Insurance Ransomware HIPAA Licensing 117

HIPAA Journal

MARCH 10, 2023

According to the notifications, unauthorized individuals gained access to its network and used ransomware to encrypt files. MFHS said the sophisticated ransomware attack was discovered in April 2022. The post Maternal & Family Health Services Sued Over Ransomware Attack and Data Breach appeared first on HIPAA Journal.

Ransomware 106

Ransomware HIPAA Licensing Health Insurance 106

HIPAA Journal

NOVEMBER 28, 2022

(HHS) has recently announced that it was the victim of a ransomware attack. The investigation revealed an unauthorized third party first accessed its systems on June 10, 2022, several days prior to using ransomware to encrypt files. Ransomware Attack Affects Patients of Disability Services of the Southwest.

Ransomware 111

Ransomware Electronic Medical Records HIPAA Licensing 111

HIPAA Journal

JANUARY 9, 2023

Maternal & Family Health Services in Eastern Pennsylvania has recently notified certain patients about an April 4, 2022, ransomware attack in which sensitive patient data was exposed. Retreat Behavioral Health Ransomware Attack Affects Up to 23,620 Patients. Notifications were sent to affected individuals on January 3, 2023.

Ransomware 103

Ransomware HIPAA Licensing Health Insurance 103

HIPAA Journal

JANUARY 27, 2023

Des Plaines, IL-based Lutheran Social Services of Illinois, one of the largest providers of social services in the state, has announced that its systems were compromised and ransomware was used to encrypt files. Both healthcare organizations were recently added to the data leak site of the BlackCat ransomware group.

Ransomware 107

Ransomware HIPAA Fraud Licensing 107

HIPAA Journal

MARCH 25, 2022

The forensic investigation revealed the email accounts were accessed by unauthorized individuals between April 7, 2021, and June 2, 2021. AHA provided notice about the attack on January 6, 2021. UMC was a victim of a REvil ransomware attack in June 2021 that resulted in the theft of the protected health information of 1.3

Health Insurance 120

Health Insurance Licensing Ransomware Fraud 120

HIPAA Journal

FEBRUARY 15, 2023

The medical device manufacturer Electromed has proposed a $850,000 settlement to resolve claims related to a June 2021 ransomware attack and data breach involving the protected health information of 47,200 individuals. A lawsuit – Lutz, et al.

Ransomware 108

Ransomware Fraud Licensing Health Insurance 108

HIPAA Journal

FEBRUARY 23, 2022

A security breach of its information technology systems was detected on November 22, 2021, with the initial investigation confirming a hacker had breached its security defenses. NHS Management Alerts Patients About May 2021 Cyberattack. At no point did the attack affect the quality of patient care.

Electronic Medical Records 142

Electronic Medical Records HIPAA Health Insurance Medical Billing 142

HIPAA Journal

JULY 14, 2022

The Winston-Salem, NC-based managed behavioral health organization, Carolina Behavioral Health Alliance (CBHA), the administrator of behavioral health benefits for Wake Forest University and Wake Forest Baptist Medical Center, has recently announced it was the victim of a ransomware attack.

Licensing 117

Licensing Health Insurance Ransomware HIPAA 117

HIPAA Journal

MARCH 21, 2022

As previously reported on this site, JDC Healthcare Management detected malware within its IT network on or around August 9, 2021, with the forensic investigation into the security breach confirming the malware was downloaded onto its systems on July 27, 2021. Suffers Ransomware Attack. Wheeling Health Right Inc.

Ransomware 111

Ransomware Licensing HIPAA Health Insurance 111

HIPAA Journal

SEPTEMBER 1, 2022

CorrectHealth Notifies 54,000 Patients About November 2021 Email System Breach. The breach was detected on November 10, 2021, with the investigation confirming several employee email accounts had been accessed by an unauthorized individual. Ransomware Attack Impacts Brasseler Patients.

Ransomware 101

Ransomware Licensing Health Insurance HIPAA 101

HIPAA Journal

MARCH 9, 2022

The Birmingham, AL-based multi-specialty clinic, Norwood Clinic, has recently started notifying 228,103 individuals that some of their protected health information was accessed in a cyberattack that was detected on October 22, 2021. The review was concluded on February 2, 2022, and affected customers were updated on February 14, 2022.

Electronic Medical Records 131

Electronic Medical Records Health Insurance Ransomware HIPAA 131

HIPAA Journal

NOVEMBER 21, 2022

The Wisconsin-based dermatology practice, Forefront Dermatology, has agreed to settle a class action lawsuit filed on behalf of patients whose protected health information (PHI) was compromised in a ransomware attack in late May 2021. Million Settlement to Resolve Ransomware Lawsuit appeared first on HIPAA Journal.

Ransomware 64

Ransomware Fraud HIPAA Licensing 64

HIPAA Journal

SEPTEMBER 12, 2023

Seymour, IN-based Schneck Medical Center has settled a lawsuit with the Indiana attorney general, Todd Rokita, over a 2021 ransomware attack and data breach that affected 89,707 Indiana residents.

HIPAA 103

HIPAA Ransomware Health Insurance Fraud 103

HIPAA Journal

JUNE 8, 2023

Mercy Medical Center did not state whether ransomware was involved but said data had to be restored from backups and some data has likely been lost. According to the May 22, 2023, breach notice, the incidents occurred in 2021. The attack did not affect patient care but prevented access to its systems while the attack was remediated.

Ransomware 107

Ransomware HIPAA Licensing Health Insurance 107

HIPAA Journal

APRIL 13, 2022

LockBit Ransomware Gang Claims Data Stolen from Tague Family Practice. The LockBit ransomware gang claims to have gained access to the systems of Tague Family Practice in St. The email accounts were discovered to have been compromised between December 6, 2021, and January 3, 2022. No other systems were compromised.

Ransomware 120

Ransomware HIPAA Licensing Health Insurance 120

HIPAA Journal

MAY 9, 2022

The cyberattack was detected on October 22, 2021, when suspicious activity was identified within its computer network. While the security breach was not confirmed as involving ransomware, Illinois Gastroenterology said a new endpoint detection and response platform has been deployed that has policies enabled specifically for ransomware.

Ransomware 107

Ransomware HIPAA Licensing 107

HIPAA Journal

SEPTEMBER 8, 2022

The Michigan law firm, Warner Norcross and Judd LLP, has issued notification letters to 255,160 individuals advising them about an October 2021 security breach in which files containing their personal and protected health information were potentially accessed and exfiltrated from its systems. The breach was detected on October 22, 2021.

Fraud 114

Fraud Health Insurance Ransomware HIPAA 114

HIPAA Journal

JUNE 24, 2022

A limited number of individuals also had their Social Security numbers, driver’s license/state ID numbers, and/or financial account information exposed. Patient Data Stolen in Ransomware Attack on Heartland Healthcare Services. Atrium Health said there have been no reported cases of misuse of patient data.

Ransomware 124

Ransomware Licensing HIPAA Health Insurance 124

HIPAA Journal

JULY 3, 2023

The compromised information varied from patient to patient and may have included first and last names, addresses, dates of birth, Social Security numbers, driver’s license numbers, government-issued identification numbers, health insurance information, medical conditions/diagnoses, and other health or medical information.

Health Insurance 98

Health Insurance Licensing Ransomware HIPAA 98

HIPAA Journal

DECEMBER 12, 2022

Receivables Performance Management (RPM) in Lynnwood, WA, a business associate of several HIPAA-covered entities, has recently started notifying individuals affected by a 2021 ransomware attack. The incident was detected on May 12, 2021, with the investigation confirming its systems were first breached on April 8, 2021.

HIPAA 120

HIPAA Ransomware Hospitals Licensing 120

HIPAA Journal

AUGUST 8, 2022

Carmel, IN-based Goodman Campbell Brain and Spine has started notifying 363,000 current and former patients that some of their protected health information was stolen prior to data being encrypted with ransomware and some of the stolen data has been published on the gang’s dark web data leak site.

Ransomware 90

Ransomware Electronic Medical Records HIPAA Licensing 90

HIPAA Journal

SEPTEMBER 8, 2022

The Michigan law firm, Warner Norcross and Judd LLP, has issued notification letters to 255,160 individuals advising them about an October 2021 security breach in which files containing their personal and protected health information were potentially accessed and exfiltrated from its systems. The breach was detected on October 22, 2021.

Fraud 95

Fraud Health Insurance Ransomware HIPAA 95

HIPAA Journal

DECEMBER 23, 2022

OneTouch Point – Ransomware Attack Involving 4.11 Hackers had gained access to its network and used ransomware to encrypt files, with that information also potentially stolen in the attack. Affected providers started to be notified in March that hackers had gained access to its databases in December 2021. Million Records.

HIPAA 105

HIPAA Ransomware Health Insurance Compliance 105

HIPAA Journal

SEPTEMBER 20, 2022

The Ohio law firm, Bricker & Eckler LLP, has agreed to settle a class action data breach lawsuit filed on behalf of individuals affected by a 2021 ransomware attack on the firm. The attackers had access to its systems from January 14 to January 31, 2021.

Ransomware 78

Ransomware Licensing HIPAA 78

HIPAA Journal

MAY 18, 2023

The review of the affected files confirmed they contained information such as names, date of birth, addresses, phone numbers, email addresses, driver’s license numbers, Social Security numbers, diagnoses, disability codes, Medicare ID numbers, and health plan carrier information.

Ransomware 103

Ransomware HIPAA Licensing Medicare 103

HIPAA Journal

MAY 17, 2022

A limited number of individuals have also had their Social Security numbers, driver’s license information, and/or financial account or credit card information exposed. Ransomware Attack Affects 28,000 FPS Medical Center Patients. NuLife said no reports have been received to date to indicate any patient information has been misused.

Health Insurance 94

Health Insurance Licensing Ransomware HIPAA 94

HIPAA Journal

AUGUST 23, 2022

Some of the exposed data included Social Security Numbers, driver’s license numbers, and trust account information. The investigation did not confirm when the system was first compromised; however suspicious activity was identified in a file transfer system dating back to December 2021.

COVID-19 87

COVID-19 Ransomware HIPAA Licensing 87

HIPAA Journal

MAY 24, 2023

Northwest Health – La Porte Impacted by Fortra GoAnywhere Hack Northwest Health – La Porte in Indiana has recently confirmed that the protected health information of 10,256 patients was compromised in the Clop ransomware group’s series of attacks between January 28, 2023, and January 30, 2023.

HIPAA 126

HIPAA Ransomware Licensing Governance 126

HIPAA Journal

FEBRUARY 23, 2023

The attacks have prompted the Health Sector Cybersecurity Coordination Center (HC3) to issue a further warning about the Clop ransomware group, which claimed responsibility for the attacks. In these attacks, the group said it could have deployed ransomware but chose not to do so, instead opting for an extortion-only approach.

Ransomware 60

Ransomware Licensing Public Health HIPAA 60

HIPAA Journal

APRIL 4, 2022

The survey was conducted on 130 small practices with 5 or fewer licensed providers and 129 large practices with six or more providers to understand the security issues they face and the measures each group has taken to protect against cyberattacks and data breaches. By far the biggest cause of data breaches was human error.

HIPAA 103

HIPAA Ransomware Licensing 103

HIPAA Journal

MARCH 6, 2025

The vendor notified Sandhills on January 8, 2021, about a ransomware attack on November 15, 2020. The ransomware group used compromised credentials to access its systems and steal sensitive data. Ransomware was deployed on December 3, 2020. According to Sandhills, the breach involved the information of 39,602 patients.

Ransomware 52

Ransomware HIPAA Licensing Compliance 52

HIPAA Journal

SEPTEMBER 28, 2022

Wolfe Clinic used the myCare Integrity medical records platform, which was accessed by an unauthorized party on or around December 4, 2021, who deleted databases and system configuration files. The Hive ransomware gang claimed responsibility for the attack.

Electronic Medical Records 75

Electronic Medical Records Ransomware Fraud HIPAA 75

HIT Consultant

DECEMBER 21, 2022

The key challenges faced by the industry include Data Breaches, Ransomware, Extensive use of Mobile Applications without proper ways to perform Authentication and Authorization and Lack of Healthcare Data Interoperability. million in 2021. Recent Data Breaches: – November 2022: Ransomware Hacker Steals Medibank Data on 9.7m

Ransomware 52

Ransomware HIPAA Health Insurance Governance 52