HIPAA Journal

AUGUST 30, 2022

An unauthorized individual had access to the network of Avamere Health Services between January 19, 2022, and March 17, 2022, and exfiltrated files containing protected health information. The breach was detected on or around March 17, 2022, yet Avamere waited until July 13, 2022, to issue notifications to affected individuals.

Nursing Homes 124

Nursing Homes Fraud Ransomware HIPAA 124

HIPAA Journal

NOVEMBER 23, 2022

The Rochester Hills, MI-based prosthetics, orthotics, and accessibility solution provider, Wright & Filippis, has recently announced that it was the victim of a ransomware attack on its network. The post 877,500 Individuals Affected by Ransomware Attack on Prosthetics & Orthotics Provider appeared first on HIPAA Journal.

Ransomware 122

Ransomware Fraud Licensing HIPAA 122

HIPAA Journal

DECEMBER 8, 2022

The New York ambulance service, Empress EMS, is facing multiple class action lawsuits over a ransomware attack that was detected on July 14, 2022. The Hive ransomware group was behind the attack, and as per the group’s modus operandi , after gaining access to the network, sensitive files were stolen, then files were encrypted.

Ransomware 117

Ransomware HIPAA Fraud 117

HIPAA Journal

MARCH 13, 2023

Revenetics is facing a class action lawsuit over its December 2022 cyberattack and data breach that affected more than 250,000 individuals. The Royal ransomware group claimed responsibility for the attack and issued a ransom demand to prevent the publication of the 16GB of data allegedly stolen in the attack.

Ransomware 124

Ransomware Fraud HIPAA 124

HIPAA Journal

JANUARY 6, 2023

The Chicago, IL-based health system, CommonSpirit Health, is facing a class action lawsuit over its October 2022 ransomware attack. Malicious actors gained access to its IT systems on September 16, 2022, and deployed ransomware on October 2, 2022.

Ransomware 103

Ransomware Fraud Electronic Medical Records Hospitals 103

HIPAA Journal

JULY 14, 2023

There has been a sizeable fall in revenues from cryptocurrency-related crimes in the first half of 2023, with scammers seeing a 77% reduction in revenues from the same period in 2022, amassing a little over $1 billion in the first half of the year compared to $3.3 billion in the first half of 2022.

Ransomware 98

Ransomware Fraud HIPAA 98

HIPAA Journal

NOVEMBER 7, 2024

The use of ransomware in cyberattacks decreased slightly in the first half of the year; however, the severity of ransomware attacks increased according to the 2024 Cyber Claims Report: Mid-Year Update from cyber insurance and security service provider Coalition. million and $2.5

Ransomware 96

Ransomware Fraud HIPAA 96

HIPAA Journal

JANUARY 27, 2023

Des Plaines, IL-based Lutheran Social Services of Illinois, one of the largest providers of social services in the state, has announced that its systems were compromised and ransomware was used to encrypt files. The cyberattack was detected on January 27, 2022, and systems were taken offline to contain the attack.

Ransomware 107

Ransomware HIPAA Fraud Licensing 107

HIPAA Journal

DECEMBER 23, 2022

It has been another bad year for healthcare data breaches, with some of the biggest HIPAA breaches of 2022 resulting in the impermissible disclosure of well over a million records. In addition to the high number of data breaches, 2022 stands out for the sheer number of healthcare records breached, which currently stands at 49.8

HIPAA 105

HIPAA Ransomware Health Insurance Compliance 105

HIPAA Journal

JUNE 8, 2023

a provider of call center and customer experience software technology to large enterprises, has recently confirmed that it fell victim to a ransomware attack on a limited portion of its network. The post Alvaria Confirms November 2022 Hive Ransomware Attack appeared first on HIPAA Journal. (formerly Aspect Software, Inc.),

Ransomware 52

Ransomware Fraud HIPAA Health Insurance 52

HIPAA Journal

JUNE 15, 2022

Choice Health discovered on May 14, 2022, that an individual was offering a set of data that had allegedly been stolen from Choice Health. Choice Health determined that the database had been found and certain database files had been copied by an unauthorized individual on May 7, 2022.

Ransomware 144

Ransomware Health Insurance Fraud HIPAA 144

HIPAA Journal

SEPTEMBER 7, 2022

The Morristown, VT-based healthcare provider, Lamoille Health Partners, is facing a class action lawsuit over a June 2022 ransomware attack that affected almost 60,000 of its patients. The attack was detected on June 13, 2022, with the investigation confirming the attackers gained access to its network the previous day.

HIPAA 130

HIPAA Ransomware Fraud Health Insurance 130

HIPAA Journal

MARCH 30, 2023

Ransomware and phishing continue to be the biggest cybersecurity concerns for healthcare organizations according to the February 2023 Current and Emerging Healthcare Cyber Threat Landscape report from Health-ISAC. Ransomware was the biggest concern for 2022 and 2023 with phishing and spear phishing in second.

Ransomware 111

Ransomware Fraud Governance Medical Billing 111

HIPAA Journal

NOVEMBER 17, 2022

Salud Family Health Provides Update on September 2022 Ransomware Attack. Colorado-based Salud Family Health, a Federal Qualified Health Center (FQHC), has recently provided an update on a September 2022 cyberattack and has confirmed that patient data was potentially stolen.

Ransomware 81

Ransomware Health Insurance Fraud HIPAA 81

HIPAA Journal

MARCH 8, 2023

Ransomware gangs in particular have seen profits take a nosedive, with ransom payments decreasing by 38% year-over-year as victims refuse to pay up, even when there is the threat of publication of stolen data. The number of critical vulnerabilities reported in 2022 doubled from 2021, due to the rapidly evolving attack surface.

Ransomware 104

Ransomware Fraud HIPAA 104

HIPAA Journal

JANUARY 17, 2023

The Dallas, TX-based home help service provider, Home Care Providers of Texas (HCPT), has recently announced that unauthorized individuals gained access to its network and used ransomware to encrypt files. The security breach was detected on June 29, 2022, when staff members were prevented from accessing files.

Ransomware 120

Ransomware Fraud HIPAA Licensing 120

HIPAA Journal

FEBRUARY 1, 2023

While it was common for ransomware attacks to be reported as such, these are increasingly reported as hacking incidents with no mention of file encryption or data theft. The 2022 Data Breach Report from the Identity Theft Resource Center (ITRC) has confirmed this trend. The LastPass data breach was a good case in point.

Fraud 122

Fraud HIPAA Ransomware Compliance 122

HIPAA Journal

FEBRUARY 14, 2023

Another lawsuit has been filed against Connexin Software over its August 2022 ransomware attack and data breach, which affected more than 2.2 On August 26, 2022, Connexin discovered hackers had gained access to its systems and used ransomware to encrypt files. million individuals.

Electronic Medical Records 102

Electronic Medical Records Ransomware HIPAA Fraud 102

Compliancy Group

MARCH 30, 2023

The 2022 Internet Crime Report has revealed alarming statistics about the rampant rise in cybercrime, making it more critical than ever to be aware of the dangers and take necessary precautions. In 2022 there were a total of 800,944 complaints, which shows a 5% decrease from 2021, but the potential total loss has increased from $6.9

Ransomware 52

Ransomware Fraud HIPAA Compliance 52

HIPAA Journal

SEPTEMBER 12, 2023

Seymour, IN-based Schneck Medical Center has settled a lawsuit with the Indiana attorney general, Todd Rokita, over a 2021 ransomware attack and data breach that affected 89,707 Indiana residents. Schneck Medical Center Compensates Patients for Losses Schneck Medical Center has also recently settled a consolidated class action lawsuit for $1.3

HIPAA 103

HIPAA Ransomware Health Insurance Fraud 103

HIPAA Journal

JUNE 5, 2023

Multiple class action lawsuits have been filed against the city of Oakland in California over a ransomware attack and data breach that involved the theft of the personal and protected health information of 13,000 current and former employees. The ransomware attack is understood to have started with phishing emails.

Ransomware 56

Ransomware Fraud HIPAA 56

HIPAA Journal

MAY 10, 2023

McPherson Hospital – Ransomware Attack McPherson Hospital in Kansas has recently issued notification letters to 19,020 patients to alert them about a July 2022 ransomware attack. MDS launched an investigation into a potential data breach in March 2023 after discovering suspicious system activity.

Hospitals 111

Hospitals Ransomware Health Insurance Fraud 111

HIPAA Journal

JANUARY 24, 2023

Another lawsuit has been filed against CommonSpirit Health over its 2022 ransomware attack and data breach that alleges the nation’s largest catholic health system failed to implement reasonable and appropriate safeguards to prevent unauthorized access to sensitive patient data. An earlier lawsuit was filed in the U.S.

Ransomware 56

Ransomware Fraud HIPAA Hospitals 56

HIPAA Journal

AUGUST 2, 2023

Notification letters will be sent to the affected individuals in the coming weeks and credit monitoring, fraud consultation, and identity theft restoration services will be offered. A third-party data review company was provided with the files on December 22, 2022, and provided the results of the analysis to SHS on May 16, 2023.

Licensing 96

Licensing Electronic Medical Records Ransomware Health Insurance 96

HIPAA Journal

MARCH 25, 2022

Ultimate Care said no reports have been received that indicate there has been any misuse of patient information; however, as a precaution against identity theft and fraud, individuals whose Social Security numbers were impacted have been offered complimentary one-year memberships with a credit monitoring service.

Health Insurance 120

Health Insurance Licensing Ransomware Fraud 120

HIPAA Journal

MARCH 1, 2023

True Health New Mexico identified a security breach on October 5, 2021, with the investigation confirming that an unauthorized third party had gained access to its network and used ransomware to encrypt files. The three lawsuits were consolidated into a single class action lawsuit on March 21, 2022. True Health New Mexico Inc. ,

Fraud 114

Fraud Ransomware Health Insurance HIPAA 114

Healthcare IT Today

JANUARY 2, 2023

Healthcare is the number one type of data hackers set their sites on, and healthcare identity fraud is prevalent. For example, a report from Sophos found that 66% of healthcare organizations reported ransomware attacks last year, jumping from 34% in 2020. Daniel dos Santos, Head of Security Research at Forescout Technologies.

Ransomware 108

Ransomware Fraud Compliance Telemedicine 108

HIPAA Journal

MARCH 28, 2023

A New York law firm that suffered a LockBit ransomware attack has agreed to pay a financial penalty of $200,000 to the New York Attorney General to resolve alleged violations of New York General Business Law and the Privacy and Security Rules of the Health Insurance Portability and Accountability Act (HIPAA).

HIPAA 111

HIPAA Ransomware Malpractice Health Insurance 111

HIPAA Journal

AUGUST 11, 2023

A joint research project by Health-ISAC, Finite State, and Securin has revealed exploitable vulnerabilities in medical devices have increased by almost 60% since 2022. The researchers identified almost 1,000 vulnerabilities in 966 medical products, which is a 59% year-over-year increase from 2022.

Electronic Medical Records 95

Electronic Medical Records Ransomware Fraud HIPAA 95

Compliancy Group

MAY 27, 2022

35% of healthcare breaches involved ransomware attacks, vs. 20% in 2020. The average ransomware payment for healthcare was $875,784, about one-third less than the 2020 payment. 82% of ransomware attacks claimed to have removed data before encryption. The average number of patient notifications was 81,679.

HIPAA 98

HIPAA Ransomware Hospitals Health Insurance 98

HIPAA Journal

MARCH 20, 2025

Data breaches increased once again in 2022, with OCR receiving reports of 720 data breaches of 500 or more records. There has also been a downward trend in improper disposal incidents and unauthorized access/disclosure incidents, but data breaches continue to increase due to a massive increase in hacking incidents and ransomware attacks.In

HIPAA 111

HIPAA Ransomware Compliance Hospitals 111

Healthcare IT Today

APRIL 25, 2024

For a healthcare entity, the data and information are viewed as extremely valuable as it includes PII as well as other health information that can be used for insurance fraud and identity theft. A large-scale cyberattack, like the Change Healthcare attack, could cost an organization 10 times more than average.

Ransomware 122

Ransomware Compliance Fraud Governance 122

HIPAA Journal

APRIL 25, 2023

Santa Clara Family Health Plan Confirmed as Victim of Clop GoAnywhere Hack Santa Clara Family Health Plan has confirmed the 276,993-record data breach reported to the HHS’ Office for Civil Rights on March 30, 2023, was due to the hacking of Fortra’s GoAnywhere MFT solution by the Clop ransomware group.

Health Insurance 106

Health Insurance Public Health Ransomware Fraud 106

HIPAA Journal

AUGUST 17, 2022

In April 2020, Musculoskeletal Institute, dba Florida Orthopaedic Institute, discovered an unauthorized third party had gained access to a server that contained patients’ protected health information (PHI) and used ransomware to encrypt files. All claims must be submitted no later than September 16, 2022.

Ransomware 82

Ransomware Fraud HIPAA Health Insurance 82

HIPAA Journal

SEPTEMBER 28, 2022

At the time of issuing notifications, Wolfe Clinic had not received any reports of identity theft and fraud related to the Eye Care Leaders data breach. Reiter Affiliated Companies Reports June 2022 Cyberattack. The attack was detected on July 4, 2022, when certain systems were made unavailable. million patients.

Electronic Medical Records 75

Electronic Medical Records Ransomware Fraud HIPAA 75

HIPAA Journal

JANUARY 12, 2023

Cybercriminals have been increasingly attacking healthcare vendors because they are a much less secure part of the supply chain and in 2022, many of the largest healthcare data breaches reported involved vendors. million patients, to name but a few. “The

Electronic Medical Records 111

Electronic Medical Records Ransomware Fraud Public Health 111

HIPAA Journal

MAY 24, 2024

While these attacks tend not to cause the level of disruption as malware ransomware attacks, they are one of the most damaging and expensive types of cybercrime and cost businesses billions of dollars each year. The emails are marked as confidential and urgent and rely on individuals acting on the request to avoid any negative consequences.

Fraud 79

Fraud Ransomware Public Health HIPAA 79