2021, Licensing and Ransomware - Health Care Compliance Brief

Fast Track Urgent Care Confirms 258,411 Individuals Affected by 2021 PracticeMax Ransomware Attack

HIPAA Journal

AUGUST 3, 2022

Fast Track Urgent Care, a network of urgent healthcare clinics in Florida, has confirmed that 258,411 individuals have had their protected health information exposed and potentially stolen in a ransomware attack on billing and practice management vendor, PracticeMax.

Ransomware

Ransomware Health Insurance Licensing HIPAA

United Health Centers of San Joaquin Valley Notifies Patients About August 2021 Ransomware Attack

HIPAA Journal

AUGUST 16, 2022

In August 2021, the Vice Society ransomware operation published data on its data leak site that had allegedly been obtained in a ransomware attack on United Health Centers of San Joaquin Valley. On August 31, 2021, Bleeping Computer was made aware of the data leak and made multiple attempts to notify United Health Centers.

Ransomware

Ransomware HIPAA Licensing Governance

Scripps Health Proposes $3.5M Settlement to Resolve Class Action Ransomware Lawsuit

HIPAA Journal

DECEMBER 30, 2022

A settlement has been proposed by Scripps Health to resolve a consolidated class action lawsuit – In Re: Scripps Health Data Incident Litigation – to resolve all claims related to its 2021 ransomware attack. The ransomware attack has proven to be incredibly costly for Scripps Health. The post Scripps Health Proposes $3.5M

Ransomware

Ransomware HIPAA Licensing Doctors

Webinars

From Diagnosis to Delivery: How AI is Revolutionizing the Patient Experience

MORE WEBINARS

Four Healthcare Providers Hit with Ransomware Attacks

HIPAA Journal

MARCH 1, 2022

Ransomware attacks have recently been reported by four healthcare providers across the country, which have collectively resulted in the exposure and potential theft of the protected health information of more than 49,000 individuals. 2021, and successfully encrypted files on its network and servers. Jax Spine & Pain Centers.

Ransomware

Ransomware Licensing HIPAA Health Insurance

6 Healthcare Providers and Business Associates Report Hacks and Ransomware Attacks

HIPAA Journal

MARCH 10, 2022

Bako Diagnostics (BakoDx), a Georgia-based provider of laboratory services to healthcare providers, has announced it was the victim of a cyberattack that was discovered on December 28, 2021. The Austin, TX-based cloud hosting and data storage company DataHEALTH has announced it was the victim of a ransomware attack on November 3, 2021.

Ransomware

Ransomware Licensing Health Insurance HIPAA

Patient Data Compromised in Ransomware Attacks on Family Christian Health Center & Jackson County Hospital

HIPAA Journal

FEBRUARY 16, 2022

Family Christian Health Center (FCHC) in Illinois has announced it was the victim of a ransomware attack in November 2021 that compromised the protected health information of 31,000 patients. Patient Data Potentially Compromised in Jackson County Hospital Ransomware Attack.

Ransomware

Ransomware Hospitals Licensing HIPAA

SAC Health Theft Incident and Multiple Ransomware Attacks Reported

HIPAA Journal

MAY 25, 2022

Bryan County Ambulance Authority Ransomware Attack Affects 14,000 Patients. According to the notification letters, the attack was detected on November 24, 2021, when files on its systems were encrypted. Lifespan Services Suffers Ransomware Attack.

Ransomware

Ransomware Fraud HIPAA Licensing

Law Enforcement Health Benefits and Oklahoma City Indian Clinic Suffer Ransomware Attacks

HIPAA Journal

MARCH 30, 2022

have confirmed they were recent victims of cyberattacks, both of which involved the use of ransomware. Ransomware Attack Affects 85,282 Law Enforcement Health Benefits Members. LEHB) has recently announced that it was the victim of a ransomware attack that was detected on September 14, 2021.

Ransomware

Ransomware Electronic Medical Records HIPAA Licensing

Up to 2,592,494 individuals Affected by Smile Brands Ransomware Attack

HIPAA Journal

APRIL 28, 2022

Irvine, CA-based Smile Brands, a provider of support services for dental offices, has recently provided an update on the number of individuals affected by a ransomware attack that was discovered on April 24, 2021. The initial notice to the Maine attorney general was submitted on October 8, 2021.

Ransomware

Ransomware Health Insurance HIPAA Licensing

Refuah Health Center Alerts 260K Patients About May 2021 Cyberattack

HIPAA Journal

MAY 16, 2022

According to the April 29, 2022, notification on the healthcare provider’s website, “We recently discovered unauthorized access to our network occurred between May 31, 2021, and June 1, 2021.” The post Refuah Health Center Alerts 260K Patients About May 2021 Cyberattack appeared first on HIPAA Journal.

Health Insurance

Health Insurance Ransomware HIPAA Licensing

Maternal & Family Health Services Sued Over Ransomware Attack and Data Breach

HIPAA Journal

MARCH 10, 2023

According to the notifications, unauthorized individuals gained access to its network and used ransomware to encrypt files. MFHS said the sophisticated ransomware attack was discovered in April 2022. The post Maternal & Family Health Services Sued Over Ransomware Attack and Data Breach appeared first on HIPAA Journal.

Ransomware

Ransomware HIPAA Licensing Health Insurance

Ransomware Attacks Announced by Maternal & Family Health Services and Retreat Behavioral Health

HIPAA Journal

JANUARY 9, 2023

Maternal & Family Health Services in Eastern Pennsylvania has recently notified certain patients about an April 4, 2022, ransomware attack in which sensitive patient data was exposed. Retreat Behavioral Health Ransomware Attack Affects Up to 23,620 Patients. Notifications were sent to affected individuals on January 3, 2023.

Ransomware

Ransomware HIPAA Licensing Health Insurance

Up to 184,000 Clients of Lutheran Social Services of Illinois Impacted by Ransomware Attack

HIPAA Journal

JANUARY 27, 2023

Des Plaines, IL-based Lutheran Social Services of Illinois, one of the largest providers of social services in the state, has announced that its systems were compromised and ransomware was used to encrypt files. Both healthcare organizations were recently added to the data leak site of the BlackCat ransomware group.

Ransomware

Ransomware HIPAA Fraud Licensing

PHI Potentially Compromised in Ransomware Attacks at MD, TX, and FL Healthcare Providers

HIPAA Journal

NOVEMBER 28, 2022

(HHS) has recently announced that it was the victim of a ransomware attack. The investigation revealed an unauthorized third party first accessed its systems on June 10, 2022, several days prior to using ransomware to encrypt files. Ransomware Attack Affects Patients of Disability Services of the Southwest.

Ransomware

Ransomware Electronic Medical Records HIPAA Licensing

Forefront Dermatology Proposes $3.75 Million Settlement to Resolve Ransomware Lawsuit

HIPAA Journal

NOVEMBER 21, 2022

The Wisconsin-based dermatology practice, Forefront Dermatology, has agreed to settle a class action lawsuit filed on behalf of patients whose protected health information (PHI) was compromised in a ransomware attack in late May 2021. Million Settlement to Resolve Ransomware Lawsuit appeared first on HIPAA Journal.

Ransomware

Ransomware Fraud HIPAA Licensing

5 Key Strategies to Maximize Savings in Healthcare IT

HIT Consultant

NOVEMBER 12, 2024

Reduce ransomware attack surface We all know that ransomware is continuing to cause enormous financial pain for organizations that in some cases must pay up or close their doors. They are also, meanwhile, storing the data in a way that prevents any changes to the data – thwarting ransomware actors.

Ransomware

Ransomware Licensing Health Insurance Hospitals

Electromed Proposes $825,000 Class Action Data Breach Settlement

HIPAA Journal

FEBRUARY 15, 2023

The medical device manufacturer Electromed has proposed a $850,000 settlement to resolve claims related to a June 2021 ransomware attack and data breach involving the protected health information of 47,200 individuals. A lawsuit – Lutz, et al.

Ransomware

Ransomware Fraud Licensing Health Insurance

Schneck Medical Center Settles HIPAA Lawsuit with Indiana AG

HIPAA Journal

SEPTEMBER 12, 2023

Seymour, IN-based Schneck Medical Center has settled a lawsuit with the Indiana attorney general, Todd Rokita, over a 2021 ransomware attack and data breach that affected 89,707 Indiana residents.

HIPAA

HIPAA Ransomware Health Insurance Fraud

Email Incidents Reported by Ultimate Care, CareOregon Advantage, and University Medical Center Southern Nevada

HIPAA Journal

MARCH 25, 2022

The forensic investigation revealed the email accounts were accessed by unauthorized individuals between April 7, 2021, and June 2, 2021. AHA provided notice about the attack on January 6, 2021. UMC was a victim of a REvil ransomware attack in June 2021 that resulted in the theft of the protected health information of 1.3

Health Insurance

Health Insurance Licensing Ransomware Fraud

JDC Healthcare Management Data Breach Affects More than 1 Million Texans

HIPAA Journal

MARCH 21, 2022

As previously reported on this site, JDC Healthcare Management detected malware within its IT network on or around August 9, 2021, with the forensic investigation into the security breach confirming the malware was downloaded onto its systems on July 27, 2021. Suffers Ransomware Attack. Wheeling Health Right Inc.

Ransomware

Ransomware Licensing HIPAA Health Insurance

Carolina Behavioral Health Alliance Reports Breach of the PHI of 130,000 Health Plan Members

HIPAA Journal

JULY 14, 2022

The Winston-Salem, NC-based managed behavioral health organization, Carolina Behavioral Health Alliance (CBHA), the administrator of behavioral health benefits for Wake Forest University and Wake Forest Baptist Medical Center, has recently announced it was the victim of a ransomware attack.

Licensing

Licensing Health Insurance Ransomware HIPAA

Patient Data Likely Lost Due to Cyberattack on Mercy Medical Center – Clinton

HIPAA Journal

JUNE 8, 2023

Mercy Medical Center did not state whether ransomware was involved but said data had to be restored from backups and some data has likely been lost. According to the May 22, 2023, breach notice, the incidents occurred in 2021. The attack did not affect patient care but prevented access to its systems while the attack was remediated.

Ransomware

Ransomware HIPAA Licensing Health Insurance

HC3 Issues HPH Sector Alert Following Suspected Clop Cyberattacks

HIPAA Journal

FEBRUARY 23, 2023

The attacks have prompted the Health Sector Cybersecurity Coordination Center (HC3) to issue a further warning about the Clop ransomware group, which claimed responsibility for the attacks. In these attacks, the group said it could have deployed ransomware but chose not to do so, instead opting for an extortion-only approach.

Ransomware

Ransomware Licensing Public Health HIPAA

PHI Compromised in Incidents at CorrectHealth, UF Health Shands, Peter Brasseler, & Gifted Healthcare

HIPAA Journal

SEPTEMBER 1, 2022

CorrectHealth Notifies 54,000 Patients About November 2021 Email System Breach. The breach was detected on November 10, 2021, with the investigation confirming several employee email accounts had been accessed by an unauthorized individual. Ransomware Attack Impacts Brasseler Patients.

Ransomware

Ransomware Licensing Health Insurance HIPAA

Cyberattacks Reported by Precision Imaging Centers, Marshall & Melhorn, and Atrium Health Wake Forest Baptist

HIPAA Journal

JULY 3, 2023

The compromised information varied from patient to patient and may have included first and last names, addresses, dates of birth, Social Security numbers, driver’s license numbers, government-issued identification numbers, health insurance information, medical conditions/diagnoses, and other health or medical information.

Health Insurance

Health Insurance Licensing Ransomware HIPAA

Updates on Cyberattacks on Goodman Campbell Brain and Spine and Behavioral Health Group

HIPAA Journal

AUGUST 8, 2022

Carmel, IN-based Goodman Campbell Brain and Spine has started notifying 363,000 current and former patients that some of their protected health information was stolen prior to data being encrypted with ransomware and some of the stolen data has been published on the gang’s dark web data leak site.

Ransomware

Ransomware Electronic Medical Records HIPAA Licensing

Logan Health Medical Center Cyberattack Affects More Than 213,000 Patients

HIPAA Journal

FEBRUARY 23, 2022

A security breach of its information technology systems was detected on November 22, 2021, with the initial investigation confirming a hacker had breached its security defenses. NHS Management Alerts Patients About May 2021 Cyberattack. At no point did the attack affect the quality of patient care.

Electronic Medical Records

Electronic Medical Records HIPAA Health Insurance Medical Billing

Hacking Incidents Reported by Illinois Gastroenterology Group & the Mental Health Center of Greater Manchester

HIPAA Journal

MAY 9, 2022

The cyberattack was detected on October 22, 2021, when suspicious activity was identified within its computer network. While the security breach was not confirmed as involving ransomware, Illinois Gastroenterology said a new endpoint detection and response platform has been deployed that has policies enabled specifically for ransomware.

Ransomware

Ransomware HIPAA Licensing

Bricker & Eckler Agrees to Settle Class Action Data Breach Lawsuit for $1.95M

HIPAA Journal

SEPTEMBER 20, 2022

The Ohio law firm, Bricker & Eckler LLP, has agreed to settle a class action data breach lawsuit filed on behalf of individuals affected by a 2021 ransomware attack on the firm. The attackers had access to its systems from January 14 to January 31, 2021.

Ransomware

Ransomware Licensing HIPAA

Michigan Law Firm and Medical Imaging Companies Confirm Breaches of Patient Information

HIPAA Journal

SEPTEMBER 8, 2022

The Michigan law firm, Warner Norcross and Judd LLP, has issued notification letters to 255,160 individuals advising them about an October 2021 security breach in which files containing their personal and protected health information were potentially accessed and exfiltrated from its systems. The breach was detected on October 22, 2021.

Fraud

Fraud Health Insurance Ransomware HIPAA

PHI of Over 500,000 Individuals Potentially Compromised in 4 Security Incidents

HIPAA Journal

MARCH 9, 2022

The Birmingham, AL-based multi-specialty clinic, Norwood Clinic, has recently started notifying 228,103 individuals that some of their protected health information was accessed in a cyberattack that was detected on October 22, 2021. The review was concluded on February 2, 2022, and affected customers were updated on February 14, 2022.

Electronic Medical Records

Electronic Medical Records Health Insurance Ransomware HIPAA

Resources for Human Development, WellStar Health & Central Vermont Eye Care Announce Data Breaches

HIPAA Journal

APRIL 13, 2022

LockBit Ransomware Gang Claims Data Stolen from Tague Family Practice. The LockBit ransomware gang claims to have gained access to the systems of Tague Family Practice in St. The email accounts were discovered to have been compromised between December 6, 2021, and January 3, 2022. No other systems were compromised.

Ransomware

Ransomware HIPAA Licensing Health Insurance

5 Security Breaches Reported in Which PHI was Potentially Compromised

HIPAA Journal

JUNE 24, 2022

A limited number of individuals also had their Social Security numbers, driver’s license/state ID numbers, and/or financial account information exposed. Patient Data Stolen in Ransomware Attack on Heartland Healthcare Services. Atrium Health said there have been no reported cases of misuse of patient data.

Ransomware

Ransomware Licensing HIPAA Health Insurance

Receivables Performance Management Data Breach Affects More Than 3.7 Million Individuals

HIPAA Journal

DECEMBER 12, 2022

Receivables Performance Management (RPM) in Lynnwood, WA, a business associate of several HIPAA-covered entities, has recently started notifying individuals affected by a 2021 ransomware attack. The incident was detected on May 12, 2021, with the investigation confirming its systems were first breached on April 8, 2021.

HIPAA

HIPAA Hospitals Ransomware Licensing

California Department of Corrections and Rehabilitation Hack Exposed Sensitive Data

HIPAA Journal

AUGUST 23, 2022

Some of the exposed data included Social Security Numbers, driver’s license numbers, and trust account information. The investigation did not confirm when the system was first compromised; however suspicious activity was identified in a file transfer system dating back to December 2021.

COVID-19

COVID-19 Ransomware HIPAA Licensing

Michigan Law Firm and Texas Medical Imaging Company Confirm Breaches of Patient Information

HIPAA Journal

SEPTEMBER 8, 2022

The Michigan law firm, Warner Norcross and Judd LLP, has issued notification letters to 255,160 individuals advising them about an October 2021 security breach in which files containing their personal and protected health information were potentially accessed and exfiltrated from its systems. The breach was detected on October 22, 2021.

Fraud

Fraud Health Insurance Ransomware HIPAA

4 Data Security Challenges for Healthcare Organizations in 2022

HIT Consultant

DECEMBER 21, 2022

The key challenges faced by the industry include Data Breaches, Ransomware, Extensive use of Mobile Applications without proper ways to perform Authentication and Authorization and Lack of Healthcare Data Interoperability. million in 2021. Recent Data Breaches: – November 2022: Ransomware Hacker Steals Medibank Data on 9.7m

Ransomware

Ransomware HIPAA Health Insurance Governance

5 Healthcare Providers Suffer PHI Breaches

HIPAA Journal

MAY 18, 2023

The review of the affected files confirmed they contained information such as names, date of birth, addresses, phone numbers, email addresses, driver’s license numbers, Social Security numbers, diagnoses, disability codes, Medicare ID numbers, and health plan carrier information.

Ransomware

Ransomware HIPAA Licensing Medicare

Editorial: Lessons from Biggest HIPAA Breaches of 2022

HIPAA Journal

DECEMBER 23, 2022

OneTouch Point – Ransomware Attack Involving 4.11 Hackers had gained access to its network and used ransomware to encrypt files, with that information also potentially stolen in the attack. Affected providers started to be notified in March that hackers had gained access to its databases in December 2021. Million Records.

HIPAA

HIPAA Ransomware Health Insurance Compliance

Cyberattacks Reported by Schneck Medical Center, NuLife Med, & FPS Medical Center

HIPAA Journal

MAY 17, 2022

A limited number of individuals have also had their Social Security numbers, driver’s license information, and/or financial account or credit card information exposed. Ransomware Attack Affects 28,000 FPS Medical Center Patients. NuLife said no reports have been received to date to indicate any patient information has been misused.

Health Insurance

Health Insurance Licensing Ransomware HIPAA

19,000 Amazon PillPack Customer Accounts Compromised

HIPAA Journal

MAY 24, 2023

Northwest Health – La Porte Impacted by Fortra GoAnywhere Hack Northwest Health – La Porte in Indiana has recently confirmed that the protected health information of 10,256 patients was compromised in the Clop ransomware group’s series of attacks between January 28, 2023, and January 30, 2023.

HIPAA

HIPAA Ransomware Licensing Governance

Cyberattacks Reported by Wolfe Clinic, Reiter Affiliated Companies, & SERV Behavioral Health System

HIPAA Journal

SEPTEMBER 28, 2022

Wolfe Clinic used the myCare Integrity medical records platform, which was accessed by an unauthorized party on or around December 4, 2021, who deleted databases and system configuration files. The Hive ransomware gang claimed responsibility for the attack.

Electronic Medical Records

Electronic Medical Records Ransomware Fraud HIPAA

St. Luke’s Health Reports Third Party Data Breach

HIPAA Journal

NOVEMBER 7, 2022

On November 5, 2021, the email accounts of two employees of Adelanto Healthcare Ventures (AHCV) were accessed by an unauthorized individual. Luke’s Health is currently recovering from a ransomware attack on its parent company, CommonSpirit Health, that occurred more than a month ago.

Electronic Medical Records

Electronic Medical Records Ransomware HIPAA Licensing

Differences Between Small and Large Healthcare Organizations on Security

HIPAA Journal

APRIL 4, 2022

The survey was conducted on 130 small practices with 5 or fewer licensed providers and 129 large practices with six or more providers to understand the security issues they face and the measures each group has taken to protect against cyberattacks and data breaches. By far the biggest cause of data breaches was human error.

HIPAA

HIPAA Ransomware Licensing

Fast Track Urgent Care Confirms 258,411 Individuals Affected by 2021 PracticeMax Ransomware Attack

United Health Centers of San Joaquin Valley Notifies Patients About August 2021 Ransomware Attack

Webinars

Trending Sources

Scripps Health Proposes $3.5M Settlement to Resolve Class Action Ransomware Lawsuit

Webinars

Four Healthcare Providers Hit with Ransomware Attacks

6 Healthcare Providers and Business Associates Report Hacks and Ransomware Attacks

Patient Data Compromised in Ransomware Attacks on Family Christian Health Center & Jackson County Hospital

SAC Health Theft Incident and Multiple Ransomware Attacks Reported

Law Enforcement Health Benefits and Oklahoma City Indian Clinic Suffer Ransomware Attacks

Up to 2,592,494 individuals Affected by Smile Brands Ransomware Attack

Refuah Health Center Alerts 260K Patients About May 2021 Cyberattack

Maternal & Family Health Services Sued Over Ransomware Attack and Data Breach

Ransomware Attacks Announced by Maternal & Family Health Services and Retreat Behavioral Health

Up to 184,000 Clients of Lutheran Social Services of Illinois Impacted by Ransomware Attack

PHI Potentially Compromised in Ransomware Attacks at MD, TX, and FL Healthcare Providers

Forefront Dermatology Proposes $3.75 Million Settlement to Resolve Ransomware Lawsuit

5 Key Strategies to Maximize Savings in Healthcare IT

Electromed Proposes $825,000 Class Action Data Breach Settlement

Schneck Medical Center Settles HIPAA Lawsuit with Indiana AG

Email Incidents Reported by Ultimate Care, CareOregon Advantage, and University Medical Center Southern Nevada

JDC Healthcare Management Data Breach Affects More than 1 Million Texans

Carolina Behavioral Health Alliance Reports Breach of the PHI of 130,000 Health Plan Members

Patient Data Likely Lost Due to Cyberattack on Mercy Medical Center – Clinton

HC3 Issues HPH Sector Alert Following Suspected Clop Cyberattacks

PHI Compromised in Incidents at CorrectHealth, UF Health Shands, Peter Brasseler, & Gifted Healthcare

Cyberattacks Reported by Precision Imaging Centers, Marshall & Melhorn, and Atrium Health Wake Forest Baptist

Updates on Cyberattacks on Goodman Campbell Brain and Spine and Behavioral Health Group

Logan Health Medical Center Cyberattack Affects More Than 213,000 Patients

Hacking Incidents Reported by Illinois Gastroenterology Group & the Mental Health Center of Greater Manchester

Bricker & Eckler Agrees to Settle Class Action Data Breach Lawsuit for $1.95M

Michigan Law Firm and Medical Imaging Companies Confirm Breaches of Patient Information

PHI of Over 500,000 Individuals Potentially Compromised in 4 Security Incidents

Resources for Human Development, WellStar Health & Central Vermont Eye Care Announce Data Breaches

5 Security Breaches Reported in Which PHI was Potentially Compromised

Receivables Performance Management Data Breach Affects More Than 3.7 Million Individuals

California Department of Corrections and Rehabilitation Hack Exposed Sensitive Data

Michigan Law Firm and Texas Medical Imaging Company Confirm Breaches of Patient Information

4 Data Security Challenges for Healthcare Organizations in 2022

5 Healthcare Providers Suffer PHI Breaches

Editorial: Lessons from Biggest HIPAA Breaches of 2022

Cyberattacks Reported by Schneck Medical Center, NuLife Med, & FPS Medical Center

19,000 Amazon PillPack Customer Accounts Compromised

Cyberattacks Reported by Wolfe Clinic, Reiter Affiliated Companies, & SERV Behavioral Health System

St. Luke’s Health Reports Third Party Data Breach

Differences Between Small and Large Healthcare Organizations on Security

Stay Connected