HIPAA Journal

JANUARY 27, 2023

Des Plaines, IL-based Lutheran Social Services of Illinois, one of the largest providers of social services in the state, has announced that its systems were compromised and ransomware was used to encrypt files. Both healthcare organizations were recently added to the data leak site of the BlackCat ransomware group.

Ransomware 101

Ransomware HIPAA Fraud Licensing 101

HIPAA Journal

JUNE 8, 2023

a provider of call center and customer experience software technology to large enterprises, has recently confirmed that it fell victim to a ransomware attack on a limited portion of its network. The post Alvaria Confirms November 2022 Hive Ransomware Attack appeared first on HIPAA Journal. (formerly Aspect Software, Inc.),

Ransomware 52

Ransomware Fraud HIPAA Health Insurance 52

HIPAA Journal

NOVEMBER 21, 2022

The Wisconsin-based dermatology practice, Forefront Dermatology, has agreed to settle a class action lawsuit filed on behalf of patients whose protected health information (PHI) was compromised in a ransomware attack in late May 2021. Million Settlement to Resolve Ransomware Lawsuit appeared first on HIPAA Journal.

Ransomware 68

Ransomware Fraud HIPAA Licensing 68

HIPAA Journal

NOVEMBER 17, 2022

Salud Family Health Provides Update on September 2022 Ransomware Attack. Colorado-based Salud Family Health, a Federal Qualified Health Center (FQHC), has recently provided an update on a September 2022 cyberattack and has confirmed that patient data was potentially stolen. The electronic record system was unaffected.

Ransomware 84

Ransomware Health Insurance HIPAA Fraud 84

HIPAA Journal

APRIL 23, 2024

Notification letters have been sent to more than 34,500 individuals about ransomware attacks that occurred more than 9 months ago. Kisco Senior Living experienced its attack in June 2023, and Island Ambulatory Surgery Center suffered an attack in July. Notification letters were mailed to the affected individuals on April 5, 2024.

Ransomware 111

Ransomware Fraud Licensing HIPAA 111

HIPAA Journal

FEBRUARY 15, 2023

The medical device manufacturer Electromed has proposed a $850,000 settlement to resolve claims related to a June 2021 ransomware attack and data breach involving the protected health information of 47,200 individuals.

Ransomware 97

Ransomware Fraud Licensing Health Insurance 97

HIPAA Journal

JUNE 15, 2023

In the meantime, Johns Hopkins urges all students, faculty staff, and their dependents to take immediate action to protect their personal information, including conducting reviews of their statements, credit reports, and accounts for unusual activity, and should consider placing a fraud alert and credit freeze with a national credit bureau.

Ransomware 108

Ransomware Health Insurance Fraud HIPAA 108

HIPAA Journal

SEPTEMBER 12, 2023

Seymour, IN-based Schneck Medical Center has settled a lawsuit with the Indiana attorney general, Todd Rokita, over a 2021 ransomware attack and data breach that affected 89,707 Indiana residents. Schneck Medical Center Compensates Patients for Losses Schneck Medical Center has also recently settled a consolidated class action lawsuit for $1.3

HIPAA 98

HIPAA Ransomware Health Insurance Fraud 98

HIPAA Journal

MAY 17, 2023

In April 2023, the Money Message ransomware group announced it had breached the systems of PharMerica and its parent company, BrightSpring Health Services, and added both to its data leak site. The group claimed to have exfiltrated databases containing 4.7 PharMerica has now confirmed the extent of the data breach.

Ransomware 107

Ransomware HIPAA Fraud Health Insurance 107

HIPAA Journal

JULY 4, 2024

The breach notification letters do not state whether ransomware was involved, only that the threat actor “attempted to infiltrate Gaia’s computer network and demand a ransom payment.” According to the breach notification letters that were mailed on June 28, 2024, Gaia Software detected the cyberattack on or around February 5, 2024.

Electronic Medical Records 107

Electronic Medical Records Health Insurance Ransomware Fraud 107

HIPAA Journal

MAY 10, 2023

McPherson Hospital – Ransomware Attack McPherson Hospital in Kansas has recently issued notification letters to 19,020 patients to alert them about a July 2022 ransomware attack. Notification letters were sent in early May, almost 10 months after the attack. It is currently unclear how many patients have been affected.

Hospitals 108

Hospitals Ransomware Health Insurance Fraud 108

HIPAA Journal

FEBRUARY 21, 2022

EHRs usually contain all the information required for multiple types of fraud, including names, addresses, dates of birth, Social Security numbers, other government and state ID numbers, health data, and health insurance information. Malware, and especially ransomware, pose a significant threat to EHRs.

Ransomware 134

Ransomware Fraud HIPAA Health Insurance 134

HIPAA Journal

MARCH 28, 2023

A New York law firm that suffered a LockBit ransomware attack has agreed to pay a financial penalty of $200,000 to the New York Attorney General to resolve alleged violations of New York General Business Law and the Privacy and Security Rules of the Health Insurance Portability and Accountability Act (HIPAA).

HIPAA 112

HIPAA Ransomware Malpractice Health Insurance 112

HIPAA Journal

SEPTEMBER 8, 2022

Notification letters were sent to affected individuals in August and information was provided on the steps that individuals can take to reduce the risk of identity theft and fraud, but it would appear that credit monitoring and identity theft protection services are not being offered. million individuals was compromised in the attack.

Fraud 111

Fraud Health Insurance Ransomware HIPAA 111

HIPAA Journal

AUGUST 2, 2023

Notification letters will be sent to the affected individuals in the coming weeks and credit monitoring, fraud consultation, and identity theft restoration services will be offered. Cheyenne Radiology Group & MRI Reports December 2022 Ransomware Attack Cheyenne Radiology Group & MRI, P.C.

Licensing 82

Licensing Electronic Medical Records Ransomware Health Insurance 82

HIPAA Journal

JUNE 15, 2022

The South Carolina-based health insurance company, Choice Health, now part of Alight Solutions, has recently announced that the protected health information of some of its members has been obtained by an unauthorized individual. Goodman Campbell Brain and Spine Suffers Ransomware Attack.

Ransomware 143

Ransomware Health Insurance Fraud HIPAA 143

HIPAA Journal

FEBRUARY 8, 2024

Azura Vascular Care said individuals who had sensitive information exposed such as Social Security numbers have been offered complimentary identity protection, credit monitoring, and fraud resolution services. Data exfiltration is common in ransomware attacks, but no evidence of data theft was identified during the forensic investigation.

Ransomware 91

Ransomware Electronic Medical Records Licensing Health Insurance 91

HIT Consultant

SEPTEMBER 4, 2024

The consequences of a successful attack can be far-reaching, including identity theft, insurance fraud, and even threats to patient care through compromised medical devices and systems. Prioritizing continual improvement will allow healthcare organizations to demonstrate their commitment to staying ahead of potential threats.

Ransomware 111

Ransomware HIPAA Compliance Doctors 111

HIPAA Journal

SEPTEMBER 7, 2022

The Morristown, VT-based healthcare provider, Lamoille Health Partners, is facing a class action lawsuit over a June 2022 ransomware attack that affected almost 60,000 of its patients. The attack was detected on June 13, 2022, with the investigation confirming the attackers gained access to its network the previous day.

HIPAA 116

HIPAA Ransomware Fraud Health Insurance 116

HIPAA Journal

MARCH 25, 2022

Ultimate Care said no reports have been received that indicate there has been any misuse of patient information; however, as a precaution against identity theft and fraud, individuals whose Social Security numbers were impacted have been offered complimentary one-year memberships with a credit monitoring service.

Health Insurance 119

Health Insurance Licensing Ransomware Fraud 119

HIPAA Journal

MARCH 1, 2023

The Albuquerque, NM-based health insurance provider, True Health New Mexico, has proposed a settlement to resolve claims related to a 2021 data breach that affected 62,983 members of its health plans.

Fraud 110

Fraud Ransomware Health Insurance HIPAA 110

HIPAA Journal

SEPTEMBER 13, 2023

A class action lawsuit has been filed against the student healthcare insurer UnitedHealthcare Services, which does business as UnitedHealthcare Student Resources, over its MOVEit Transfer data breach in May 2023. Ransom demands were issued, and payment was required to prevent the publication of stolen data on the group’s data leak site.

Ransomware 71

Ransomware Fraud Health Insurance HIPAA 71

HIPAA Journal

FEBRUARY 14, 2023

Another lawsuit has been filed against Connexin Software over its August 2022 ransomware attack and data breach, which affected more than 2.2 On August 26, 2022, Connexin discovered hackers had gained access to its systems and used ransomware to encrypt files. million individuals.

Electronic Medical Records 93

Electronic Medical Records Ransomware HIPAA Fraud 93

Compliancy Group

JANUARY 25, 2022

The 2015 total included the largest single healthcare data breach on record – health insurer Anthem’s 77.8 Other findings in the report included: Ransomware-related data breaches have doubled in each of the past two years. We may look back at 2021 as the year when we moved from the era of identity theft to identity fraud.

HIPAA 98

HIPAA Ransomware Governance Fraud 98

Compliancy Group

MAY 27, 2022

35% of healthcare breaches involved ransomware attacks, vs. 20% in 2020. The average ransomware payment for healthcare was $875,784, about one-third less than the 2020 payment. 82% of ransomware attacks claimed to have removed data before encryption. Partnership Health Plan (California) .

HIPAA 98

HIPAA Ransomware Hospitals Compliance 98

HIPAA Journal

SEPTEMBER 8, 2022

Notification letters were sent to affected individuals in August and information was provided on the steps that individuals can take to reduce the risk of identity theft and fraud, but it would appear that credit monitoring and identity theft protection services are not being offered. million individuals was compromised in the attack.

Fraud 79

Fraud Health Insurance Ransomware HIPAA 79

HIPAA Journal

JUNE 23, 2023

A lawsuit has been filed against Intellihartx, LLC, (aka ITx Companies), over a cyberattack by the Clop ransomware group that exploited a vulnerability in Fortra’s GoAnywhere Managed File Transfer (MFT) solution. The protected health information of 490,000 patients of its healthcare clients was compromised in the attack in late January.

HIPAA 98

HIPAA Ransomware Fraud Health Insurance 98

HIT Consultant

MAY 9, 2023

During the month of the breach, a cybercriminal was able to access various confidential files, including patient data such as names, contact details, treatments, diagnoses, patient account numbers, their dentist’s names as well as billing details and health insurance data. As a result, patients feared an increased risk of fraud.

Ransomware 95

Ransomware Fraud Health Insurance HIPAA 95

HIPAA Journal

DECEMBER 23, 2022

million patients and health plan members. OneTouch Point – Ransomware Attack Involving 4.11 Hackers had gained access to its network and used ransomware to encrypt files, with that information also potentially stolen in the attack. Professional Finance Company – Ransomware Attack Involving 1.92 Million Records.

HIPAA 93

HIPAA Ransomware Health Insurance Compliance 93

Healthcare IT Today

JANUARY 2, 2023

Healthcare is the number one type of data hackers set their sites on, and healthcare identity fraud is prevalent. For example, a report from Sophos found that 66% of healthcare organizations reported ransomware attacks last year, jumping from 34% in 2020. Ransomware attacks will continue to increase.

Ransomware 141

Ransomware Fraud Compliance Telemedicine 141

HIPAA Journal

APRIL 25, 2023

Santa Clara Family Health Plan Confirmed as Victim of Clop GoAnywhere Hack Santa Clara Family Health Plan has confirmed the 276,993-record data breach reported to the HHS’ Office for Civil Rights on March 30, 2023, was due to the hacking of Fortra’s GoAnywhere MFT solution by the Clop ransomware group.

Health Insurance 96

Health Insurance Public Health Ransomware Fraud 96

HIPAA Journal

MARCH 24, 2022

The breach notice uploaded to Chelan Douglas Health District website does not disclose when the breach was detected but says a third-party cybersecurity company was engaged to investigate the cyberattack and confirmed that its network was accessed by unauthorized individuals between July 2 and July 4, 2021.

Ransomware 133

Ransomware Fraud Hospitals HIPAA 133

HIT Consultant

AUGUST 13, 2023

Here are seven identified cybersecurity vulnerabilities that can reveal a patient’s data and expose these healthcare organizations to fraud and fines: Limited budgets. Department of Health and Human Services (HHS) is currently investigating hundreds of cases associated with these phishing and hacking scams. Ransomware.

Ransomware 98

Ransomware Fraud Health Insurance Public Health 98

HIPAA Journal

JANUARY 24, 2023

The theft of protected health information places patients and health plan members at risk of identity theft and fraud, but by far the biggest concern is the threat to patient safety. Multiple studies have identified an increase in mortality rates at hospitals following ransomware attacks and other major cyber incidents.

HIPAA 124

HIPAA Ransomware Hospitals Fraud 124

HIPAA Journal

JULY 27, 2023

Norton Healthcare has only disclosed limited information about the attack; however, the BlackCat ransomware group announced that it was behind the cyberattack and leaked some of the data stolen from Norton Healthcare on its data leak site.

Ransomware 52

Ransomware Fraud Licensing Health Insurance 52

HIPAA Journal

MAY 18, 2023

Larger healthcare providers may temporarily divert ambulances and cancel some appointments following a ransomware attack but do not typically halt operations, but smaller healthcare providers may be left with little alternative. That information related to patients who had received healthcare services between March 2012 and November 2022.

Ransomware 77

Ransomware Fraud HIPAA Health Insurance 77

HIT Consultant

JANUARY 3, 2023

With the advent of ransomware-as-a-service combined with a lack of resources to investigate attacks in-house for healthcare organizations, elaborate and devastating cyber attacks against healthcare, specifically through business communication channels are likely to increase in scale and sophistication. .

Compliance 52

Compliance Ransomware Fraud Regulatory Compliance 52