HIPAA Journal

MARCH 10, 2022

Individuals whose Social Security number, driver’s license, state identification number, or financial account information may have been involved have been offered complimentary credit monitoring services. Morrow has recently announced that hackers gained access to his IT systems and used ransomware to encrypt data. DataHealth.

Ransomware 140

Ransomware Licensing Health Insurance HIPAA 140

HIPAA Journal

MARCH 11, 2025

SMC Corporation of America SMC Corporation of America in Indiana has alerted 6,566 current and former employees about an attempted ransomware attack. The post Hillcrest Convalescent Center Announces 106K-Record Data Breach appeared first on The HIPAA Journal.

Ransomware 69

Ransomware HIPAA Licensing Health Insurance 69

HIPAA Journal

APRIL 30, 2024

The medical device manufacturer Livanova, the Massachusetts community behavioral health center Aspire Health Alliance, and Santa Rosa Behavioral Healthcare Hospital in California have experienced ransomware attacks that exposed patient data. The LockBit ransomware group claimed responsibility for the attack.

Ransomware 107

Ransomware Licensing Health Insurance HIPAA 107

HIPAA Journal

AUGUST 3, 2022

Fast Track Urgent Care, a network of urgent healthcare clinics in Florida, has confirmed that 258,411 individuals have had their protected health information exposed and potentially stolen in a ransomware attack on billing and practice management vendor, PracticeMax.

Ransomware 114

Ransomware Health Insurance Licensing HIPAA 114

HIPAA Journal

MARCH 11, 2025

The file review confirmed that the types of data compromised in the cyberattack included names, addresses, dates of birth, Social Security numbers, drivers license numbers, medical information, and health insurance information. The post Cyberattack on Sunflower Medical Group Affects 221,000 Patients appeared first on The HIPAA Journal.

Department of Veterans Affairs 79

Department of Veterans Affairs Licensing Ransomware Fraud 79

HIPAA Journal

JANUARY 5, 2023

Back in June 2022 , HIPAA Journal reported on a cyberattack on Fitzgibbon Hospital in Marshall, MO, after being contacted directly by a spokesperson for a threat group called DAIXIN Team, who claimed responsibility for the attack. The post Ransomware Attack at Fitzgibbon Hospital Affects 112,000 Patients appeared first on HIPAA Journal.

Ransomware 120

Ransomware Hospitals HIPAA Licensing 120

HIPAA Journal

MARCH 10, 2023

According to the notifications, unauthorized individuals gained access to its network and used ransomware to encrypt files. MFHS said the sophisticated ransomware attack was discovered in April 2022. The post Maternal & Family Health Services Sued Over Ransomware Attack and Data Breach appeared first on HIPAA Journal.

Ransomware 107

Ransomware HIPAA Licensing Health Insurance 107

HIPAA Journal

DECEMBER 23, 2022

It has been another bad year for healthcare data breaches, with some of the biggest HIPAA breaches of 2022 resulting in the impermissible disclosure of well over a million records. The Biggest HIPAA Breaches of 2022. The 12 biggest HIPAA breaches of 2022 affected almost 22.66 OneTouch Point – Ransomware Attack Involving 4.11

HIPAA 106

HIPAA Ransomware Health Insurance Compliance 106

HIPAA Journal

APRIL 28, 2022

Irvine, CA-based Smile Brands, a provider of support services for dental offices, has recently provided an update on the number of individuals affected by a ransomware attack that was discovered on April 24, 2021. The post Up to 2,592,494 individuals Affected by Smile Brands Ransomware Attack appeared first on HIPAA Journal.

Ransomware 117

Ransomware Health Insurance HIPAA Licensing 117

HIPAA Journal

JANUARY 27, 2023

Des Plaines, IL-based Lutheran Social Services of Illinois, one of the largest providers of social services in the state, has announced that its systems were compromised and ransomware was used to encrypt files. This coincides with the 60-day reporting deadline of the HIPAA Breach Notification Rule.

Ransomware 107

Ransomware HIPAA Fraud Licensing 107

HIPAA Journal

SEPTEMBER 12, 2023

Seymour, IN-based Schneck Medical Center has settled a lawsuit with the Indiana attorney general, Todd Rokita, over a 2021 ransomware attack and data breach that affected 89,707 Indiana residents. The post Schneck Medical Center Settles HIPAA Lawsuit with Indiana AG appeared first on HIPAA Journal.

HIPAA 103

HIPAA Ransomware Health Insurance Fraud 103

HIPAA Journal

SEPTEMBER 14, 2022

Medical Associates of the Lehigh Valley in Pennsylvania (MATLV) has announced that it recently fell victim to a sophisticated ransomware attack on its network. The post Ransomware Attack on Medical Associates of the Lehigh Valley Affects 75K Patients appeared first on HIPAA Journal.

Ransomware 107

Ransomware Licensing HIPAA Health Insurance 107

HIPAA Journal

NOVEMBER 28, 2022

(HHS) has recently announced that it was the victim of a ransomware attack. The investigation revealed an unauthorized third party first accessed its systems on June 10, 2022, several days prior to using ransomware to encrypt files. Ransomware Attack Affects Patients of Disability Services of the Southwest.

Ransomware 111

Ransomware Electronic Medical Records HIPAA Licensing 111

HIPAA Journal

JANUARY 9, 2023

Maternal & Family Health Services in Eastern Pennsylvania has recently notified certain patients about an April 4, 2022, ransomware attack in which sensitive patient data was exposed. Retreat Behavioral Health Ransomware Attack Affects Up to 23,620 Patients. Notifications were sent to affected individuals on January 3, 2023.

Ransomware 103

Ransomware HIPAA Licensing Health Insurance 103

Healthcare It News

SEPTEMBER 21, 2023

Growing patient discomfort in sharing health information Beyond health system disruptions such as ransomware that can compromise patient data , cybercriminals are increasingly going after individual patients. " To safely address insider snooping you have to record all the views and actions, which HIPAA requires anyway.

Governance 337

Governance HIPAA Ransomware Licensing 337

HIPAA Journal

AUGUST 16, 2022

In August 2021, the Vice Society ransomware operation published data on its data leak site that had allegedly been obtained in a ransomware attack on United Health Centers of San Joaquin Valley. HIPAA Journal reported on the incident in September 2021.

Ransomware 103

Ransomware HIPAA Licensing Governance 103

HIPAA Journal

APRIL 8, 2024

The Medusa ransomware group has leaked data stolen from American Renal Associates. American Renal Associates American Renal Associates (ARA), one of the largest providers of dialysis services in the United States and a provider of care for patients suffering from end-stage renal disease has experienced a Medusa ransomware attack.

Ransomware 82

Ransomware Health Insurance Licensing HIPAA 82

HIPAA Journal

MAY 23, 2024

A Texas ophthalmology practice has experienced a ransomware attack that resulted in the encryption of files on its computer systems. The post Ransomware Attack on Texas Ophthalmology Practice Exposes Data of 80,000 Patients appeared first on HIPAA Journal.

Ransomware 88

Ransomware Licensing HIPAA 88

HIPAA Journal

AUGUST 8, 2023

The LockBit ransomware group has added Varian Medical Systems to its data leak site and has threatened to publish the data of cancer patients if the ransom is not paid. The post LockBit Ransomware Group Threatens to Publish Stolen Cancer Patient Data appeared first on HIPAA Journal.

Ransomware 98

Ransomware Licensing HIPAA Health Insurance 98

HIPAA Journal

JULY 17, 2023

Attacks that involve the theft of naked images offer threat actors an easy way to increase pressure on the victim to make payment, as was the case with a ransomware attack on Lehigh Valley Health Network earlier this year by the ALPHV/BlackCat ransomware group.

Ransomware 98

Ransomware HIPAA Licensing Health Insurance 98

HIPAA Journal

AUGUST 10, 2023

The Ottumwa Fire Department in Iowa has recently fired employees for alleged violations of the HIPAA Rules and other misconduct. The post Ottumwa Fire Department Fires Employees for Misconduct and HIPAA Violations appeared first on HIPAA Journal. The information involved varied from individual to individual.

HIPAA 96

HIPAA Ransomware Licensing Health Insurance 96

HIPAA Journal

NOVEMBER 8, 2023

Mulkay Cardiology Consultants at Holy Name Medical Center has recently confirmed that it fell victim to a ransomware attack. The compromised information included names, addresses, dates of birth, Social Security numbers, driver’s license numbers or state IDs, medical treatment information, and health insurance information.

Ransomware 114

Ransomware Licensing Health Insurance HIPAA 114

HIPAA Journal

MAY 24, 2022

While PHC did not state the nature of the cyberattack in its breach notification, the Hive ransomware gang has claimed responsibility for the attack and alleges around 400 GB of files were stolen, a sample of which was temporarily uploaded to the group’s data leak site.

Ransomware 140

Ransomware Licensing HIPAA Health Insurance 140

HIPAA Journal

FEBRUARY 7, 2023

Regal Medical Group, a San Bernardino, CA-based affiliate of the Heritage Provider Network, recently announced that it was attacked with ransomware. The forensic investigation confirmed that the attackers gained access to the servers on or around December 1 and exfiltrated files before the ransomware was deployed.

Ransomware 70

Ransomware Hospitals Licensing HIPAA 70

HIPAA Journal

JULY 3, 2024

has confirmed that patient data has been compromised in a cyberattack, and the Monti ransomware group has claimed responsibility for a cyberattack on Wayne Memorial Hospital. The post Texas Retina Associates Cyberattack Affects 312,000 Patients appeared first on The HIPAA Journal.

Ransomware 126

Ransomware Health Insurance Hospitals HIPAA 126

Compliancy Group

JANUARY 7, 2025

On January 7, 2025, the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced that it had entered into an $80,000 settlement and three-year corrective action plan (CAP) with Massachusetts-based HIPAA business associate Elgon Information Systems (Elgon), an EMR and billing support service provider to covered entities.

Ransomware 52

Ransomware HIPAA Governance Compliance 52

HIPAA Journal

MARCH 29, 2023

Atlantic General Hospital – Ransomware Attack Atlantic General Hospital (AGH) in Berlin, MD, has recently reported a ransomware attack to the Maine Attorney General that has affected up to 30,704 individuals. The post Hacking Incidents Reported by Atlantic General and Lawrence General Hospitals appeared first on HIPAA Journal.

Hospitals 123

Hospitals Ransomware Licensing Health Insurance 123

HIPAA Journal

MAY 2, 2023

NYSARC Columbia County Chapter Notifies Individuals About July 2022 Ransomware Attack NYSARC Columbia County Chapter (COARC) has started notifying certain individuals that some of their protected health information has potentially been obtained by unauthorized individuals in a July 2022 ransomware attack.

Ransomware 121

Ransomware Licensing Health Insurance HIPAA 121

HIPAA Journal

DECEMBER 2, 2022

San Juan Regional Medical Center stated at the time that this was a malware, rather than a ransomware attack. While legal action was not taken over a HIPAA violation, the lawsuit alleged the lack of appropriate safeguards constituted a HIPAA violation. All claims must be submitted by February 8, 2023.

Licensing 110

Licensing HIPAA Ransomware Health Insurance 110

HIPAA Journal

FEBRUARY 15, 2023

The medical device manufacturer Electromed has proposed a $850,000 settlement to resolve claims related to a June 2021 ransomware attack and data breach involving the protected health information of 47,200 individuals. The post Electromed Proposes $825,000 Class Action Data Breach Settlement appeared first on HIPAA Journal.

Ransomware 109

Ransomware Fraud Licensing Health Insurance 109

HIPAA Journal

FEBRUARY 23, 2022

There was no mention of ransomware, but NHS Management said the incident affected the functionality of certain systems and it worked quickly to restore access. This appears to be a placeholder to meet HIPAA breach reporting requirements until the full extent of the breach is known.

Electronic Medical Records 142

Electronic Medical Records HIPAA Health Insurance Medical Billing 142

HIPAA Journal

APRIL 25, 2024

OPMT said, “Even though it is not specifically required by HIPAA, we will offer identity theft protection services to all affected individuals; we feel that this is an important precaution to protect our patients.” The BianLian group has claimed responsibility for the attack.

Licensing 112

Licensing HIPAA Ransomware 112

HIPAA Journal

APRIL 23, 2024

Notification letters have been sent to more than 34,500 individuals about ransomware attacks that occurred more than 9 months ago. The post Kisco Senior Living & Island Ambulatory Surgery Center Disclose Summer 2023 Cyberattacks appeared first on HIPAA Journal.

Ransomware 111

Ransomware Fraud Licensing HIPAA 111

HIPAA Journal

JUNE 22, 2023

Information potentially compromised included names in combination with one or more of the following data elements: date of birth, address, phone number, Social Security Number, driver’s license number, and health information such as medical diagnosis, treatment information, and pharmaceutical records.

Ransomware 101

Ransomware Licensing HIPAA 101

HIPAA Journal

JULY 14, 2022

The Winston-Salem, NC-based managed behavioral health organization, Carolina Behavioral Health Alliance (CBHA), the administrator of behavioral health benefits for Wake Forest University and Wake Forest Baptist Medical Center, has recently announced it was the victim of a ransomware attack.

Licensing 117

Licensing Health Insurance Ransomware HIPAA 117

HIPAA Journal

APRIL 13, 2022

LockBit Ransomware Gang Claims Data Stolen from Tague Family Practice. The LockBit ransomware gang claims to have gained access to the systems of Tague Family Practice in St. The post Resources for Human Development, WellStar Health & Central Vermont Eye Care Announce Data Breaches appeared first on HIPAA Journal.

Ransomware 120

Ransomware HIPAA Licensing Health Insurance 120

HIPAA Journal

NOVEMBER 17, 2022

Salud Family Health Provides Update on September 2022 Ransomware Attack. The breach was reported to the HHS’ Office for Civil Rights using a placeholder of 501 and that figure has yet to be updated on the OCR breach portal; however, the threat actor behind the attack – the Lorenz ransomware group – has dumped a sample of the files online.

Ransomware 81

Ransomware Health Insurance HIPAA Fraud 81