2021, Health Insurance and Ransomware - Health Care Compliance Brief

Fast Track Urgent Care Confirms 258,411 Individuals Affected by 2021 PracticeMax Ransomware Attack

HIPAA Journal

AUGUST 3, 2022

Fast Track Urgent Care, a network of urgent healthcare clinics in Florida, has confirmed that 258,411 individuals have had their protected health information exposed and potentially stolen in a ransomware attack on billing and practice management vendor, PracticeMax.

Ransomware

Ransomware Health Insurance Licensing HIPAA

San Andreas Regional Center Agrees to Settle 2021 Ransomware Attack Lawsuit

HIPAA Journal

JANUARY 31, 2023

Affected individuals were notified about the cyberattack in August 2021 and were offered complimentary credit monitoring and identity theft protection services. Affected individuals were notified about the cyberattack in August 2021 and were offered complimentary credit monitoring and identity theft protection services.

Ransomware

Ransomware Fraud Health Insurance HIPAA

6 Healthcare Providers and Business Associates Report Hacks and Ransomware Attacks

HIPAA Journal

MARCH 10, 2022

Bako Diagnostics (BakoDx), a Georgia-based provider of laboratory services to healthcare providers, has announced it was the victim of a cyberattack that was discovered on December 28, 2021. The files exfiltrated from its systems included the protected health information of patients.

Ransomware

Ransomware Licensing Health Insurance Hospitals

SAC Health Theft Incident and Multiple Ransomware Attacks Reported

HIPAA Journal

MAY 25, 2022

Bryan County Ambulance Authority Ransomware Attack Affects 14,000 Patients. The Bryan County Ambulance Authority in Oklahoma has recently started notifying 14,273 patients about the exposure and potential theft of some of their protected health information. Lifespan Services Suffers Ransomware Attack.

Ransomware

Ransomware Fraud HIPAA Licensing

Four Healthcare Providers Hit with Ransomware Attacks

HIPAA Journal

MARCH 1, 2022

Ransomware attacks have recently been reported by four healthcare providers across the country, which have collectively resulted in the exposure and potential theft of the protected health information of more than 49,000 individuals. 2021, and successfully encrypted files on its network and servers. Jax Spine & Pain Centers.

Ransomware

Ransomware Licensing HIPAA Health Insurance

Up to 2,592,494 individuals Affected by Smile Brands Ransomware Attack

HIPAA Journal

APRIL 28, 2022

Irvine, CA-based Smile Brands, a provider of support services for dental offices, has recently provided an update on the number of individuals affected by a ransomware attack that was discovered on April 24, 2021. The initial notice to the Maine attorney general was submitted on October 8, 2021.

Ransomware

Ransomware Health Insurance HIPAA Licensing

Ransomware Attack Triggers Multiple Lawsuits Against Harvard Pilgrim Healthcare & Point32Health

HIPAA Journal

JUNE 13, 2023

Harvard Pilgrim Health Care and its parent company, Point32Health, are facing multiple class action lawsuits after hackers gained access to the protected health information (PHI) of more than 2.5 million individuals in an April 2023 ransomware attack. Harvard Pilgrim Health Care Inc. million customers.

Ransomware

Ransomware Fraud Health Insurance HIPAA

Law Enforcement Health Benefits and Oklahoma City Indian Clinic Suffer Ransomware Attacks

HIPAA Journal

MARCH 30, 2022

Oklahoma City Indian Clinic and Law Enforcement Health Benefits Inc. have confirmed they were recent victims of cyberattacks, both of which involved the use of ransomware. Ransomware Attack Affects 85,282 Law Enforcement Health Benefits Members. Law Enforcement Health Benefits, Inc.

Ransomware

Ransomware Electronic Medical Records Licensing HIPAA

Ransomware Gangs Claim Health Plan and Healthcare Provider Attacked

HIPAA Journal

APRIL 1, 2022

Partnership Health Plan of California Recovering from Suspected Ransomware Attack. The Fairfield, CA-based nonprofit managed care health plan, Partnership Health Plan of California (PHC), has suffered a cyberattack that has taken its IT systems out of action for more than a week. That claim has since been removed.

Ransomware

Ransomware HIPAA Health Insurance

Refuah Health Center Alerts 260K Patients About May 2021 Cyberattack

HIPAA Journal

MAY 16, 2022

According to the April 29, 2022, notification on the healthcare provider’s website, “We recently discovered unauthorized access to our network occurred between May 31, 2021, and June 1, 2021.” The post Refuah Health Center Alerts 260K Patients About May 2021 Cyberattack appeared first on HIPAA Journal.

Health Insurance

Health Insurance Ransomware HIPAA Licensing

Planned Parenthood Los Angeles Settles Class Action Data Breach Lawsuit for $6 Million

HIPAA Journal

APRIL 8, 2024

Planned Parenthood Los Angeles, a provider of reproductive healthcare services in Los Angeles County, has proposed a $6 million settlement to resolve all claims related to a 2021 data breach that exposed the personal information of more than 409,437 patients.

Ransomware

Ransomware HIPAA Health Insurance Fraud

Maternal & Family Health Services Sued Over Ransomware Attack and Data Breach

HIPAA Journal

MARCH 10, 2023

According to the notifications, unauthorized individuals gained access to its network and used ransomware to encrypt files. MFHS said the sophisticated ransomware attack was discovered in April 2022. The post Maternal & Family Health Services Sued Over Ransomware Attack and Data Breach appeared first on HIPAA Journal.

Ransomware

Ransomware HIPAA Licensing Health Insurance

Eye Care Leaders Breach: Ransomware Attack Claims New Victims

Compliancy Group

JUNE 29, 2022

In early December of 2021, Eye Care Leaders (Eye Care), an electronic medical record vendor supplying business associate services to eye care providers across the country, discovered it had incurred a data breach. Eye Care’s myCare Integrity solution was hacked via a ransomware attack on December 4, 2021. . Email addresses.

Ransomware

Ransomware Electronic Medical Records HIPAA Compliance

Morley Companies Ransomware Hack Leaks Data for 500k+

Compliancy Group

FEBRUARY 14, 2022

A ransomware hack of Morley Companies Inc. The provider of business process outsourcing and meeting solutions to dozens of Fortune 500 companies revealed the ransomware hacking incident in a filing with the Office of the Maine Attorney General and a post on their website. Details of Morley Companies Ransomware Hack. Learn More!

Ransomware

Ransomware HIPAA Health Insurance Compliance

Patient Data Stolen in July 2021 Cyberattack on Chelan Douglas Health District

HIPAA Journal

MARCH 24, 2022

Chelan Douglas Health District in East Wenatchee, WA, has announced it was the victim of a cyberattack in July 2021 in which the personal and protected health information of patients was exfiltrated from its systems. A representative for the health district said this was not a ransomware attack.

Ransomware

Ransomware Fraud Hospitals HIPAA

PHI Potentially Compromised in Ransomware Attacks at MD, TX, and FL Healthcare Providers

HIPAA Journal

NOVEMBER 28, 2022

(HHS) has recently announced that it was the victim of a ransomware attack. The investigation revealed an unauthorized third party first accessed its systems on June 10, 2022, several days prior to using ransomware to encrypt files. Ransomware Attack Affects Patients of Disability Services of the Southwest.

Ransomware

Ransomware Electronic Medical Records HIPAA Licensing

Associates in Dermatology Patients Affected by Business Associate Ransomware Attack

HIPAA Journal

MARCH 23, 2023

Associates in Dermatology, a network of dermatology clinics in Indiana, Kentucky, and New York, has started notifying patients that some of their protected health information has been exposed in a ransomware attack on one of its business associates.

Ransomware

Ransomware Electronic Medical Records Records Management HIPAA

Notifications Recently Sent to Alert Individuals About September 2020 and February 2021 Cyberattacks

HIPAA Journal

FEBRUARY 24, 2022

Comprehensive Health Services explained in its breach notification letter to the Maine Attorney general that it determined on November 3, 2021, that the personal information of a limited number of individuals employed by one of its customers may have been accessed and stolen in the attack.

HIPAA

HIPAA Ransomware Health Insurance

Breach Barometer Report Shows Over 50 Million Healthcare Records Were Breached in 2021

HIPAA Journal

MARCH 11, 2022

Protenus has released its 2022 Breach Barometer Report which confirms 2021 was a particularly bad year for healthcare industry data breaches, with more than 50 million healthcare records exposed or compromised in 2021. There were 111 insider incidents in 2021, similar to the 110 incidents in 2019, which is a 26% decrease from 2020.

HIPAA

HIPAA Ransomware Health Insurance

Forefront Dermatology Proposes $3.75 Million Settlement to Resolve Ransomware Lawsuit

HIPAA Journal

NOVEMBER 21, 2022

The Wisconsin-based dermatology practice, Forefront Dermatology, has agreed to settle a class action lawsuit filed on behalf of patients whose protected health information (PHI) was compromised in a ransomware attack in late May 2021. Million Settlement to Resolve Ransomware Lawsuit appeared first on HIPAA Journal.

Ransomware

Ransomware Fraud HIPAA Licensing

Is Zero Trust the Remedy to Healthcare’s Ransomware Epidemic?

HIT Consultant

AUGUST 31, 2021

There’s no sugarcoating it: healthcare has a serious ransomware problem. In fact, the first-ever such attack targeted the industry in 1989 when 20,000 floppy disks infected with ransomware were given to those who attended the World Health Organization’s AIDS Conference. And it’s not a new problem for this sector.

Ransomware

Ransomware Pharmaceutical Industry Governance World Health

Schneck Medical Center Settles HIPAA Lawsuit with Indiana AG

HIPAA Journal

SEPTEMBER 12, 2023

Seymour, IN-based Schneck Medical Center has settled a lawsuit with the Indiana attorney general, Todd Rokita, over a 2021 ransomware attack and data breach that affected 89,707 Indiana residents.

HIPAA

HIPAA Ransomware Health Insurance Fraud

Hacking and IT Incidents Affect 563,000 Patients and Health Plan Members

HIPAA Journal

DECEMBER 1, 2022

Stanley Street Treatment and Resources Discloses October 2021 Data Breach. STAR), has recently announced a data breach that occurred more than a year ago in October 2021. An unauthorized individual was found to have gained access to its network and downloaded files containing the protected health information of 45,785 patients.

Health Insurance

Health Insurance Ransomware HIPAA Governance

Electromed Proposes $825,000 Class Action Data Breach Settlement

HIPAA Journal

FEBRUARY 15, 2023

The medical device manufacturer Electromed has proposed a $850,000 settlement to resolve claims related to a June 2021 ransomware attack and data breach involving the protected health information of 47,200 individuals.

Ransomware

Ransomware Fraud Licensing Health Insurance

New York Law Firm Pays $200,000 to State AG to Resolve HIPAA Violations

HIPAA Journal

MARCH 28, 2023

A New York law firm that suffered a LockBit ransomware attack has agreed to pay a financial penalty of $200,000 to the New York Attorney General to resolve alleged violations of New York General Business Law and the Privacy and Security Rules of the Health Insurance Portability and Accountability Act (HIPAA).

HIPAA

HIPAA Ransomware Malpractice Health Insurance

Healthcare Sees 60% YoY Increase in Cyberattacks

HIPAA Journal

NOVEMBER 17, 2022

Healthcare was the third most targeted sector with an average of 1,426 attacks per month, but saw the second highest percentage increase in attacks, increasing by 60% from 2021. This was despite an 8% global fall in ransomware attacks in Q3. The post Healthcare Sees 60% YoY Increase in Cyberattacks appeared first on HIPAA Journal.

Ransomware

Ransomware Governance Health Insurance HIPAA

Email Incidents Reported by Ultimate Care, CareOregon Advantage, and University Medical Center Southern Nevada

HIPAA Journal

MARCH 25, 2022

The forensic investigation revealed the email accounts were accessed by unauthorized individuals between April 7, 2021, and June 2, 2021. AHA provided notice about the attack on January 6, 2021. UMC was a victim of a REvil ransomware attack in June 2021 that resulted in the theft of the protected health information of 1.3

Health Insurance

Health Insurance Licensing Ransomware Fraud

Patient Data Likely Lost Due to Cyberattack on Mercy Medical Center – Clinton

HIPAA Journal

JUNE 8, 2023

Mercy Medical Center did not state whether ransomware was involved but said data had to be restored from backups and some data has likely been lost. According to the May 22, 2023, breach notice, the incidents occurred in 2021. Additional technical steps are being taken to try to recreate the lost data it was not possible to restore.

Ransomware

Ransomware HIPAA Licensing Health Insurance

PHI of Over 500,000 Individuals Potentially Compromised in 4 Security Incidents

HIPAA Journal

MARCH 9, 2022

The Birmingham, AL-based multi-specialty clinic, Norwood Clinic, has recently started notifying 228,103 individuals that some of their protected health information was accessed in a cyberattack that was detected on October 22, 2021. The review was concluded on February 2, 2022, and affected customers were updated on February 14, 2022.

Electronic Medical Records

Electronic Medical Records Health Insurance Ransomware HIPAA

Sturdy Memorial Hospital & North Shore Pain Management Settle Data Breach Lawsuits

HIPAA Journal

DECEMBER 13, 2022

Two healthcare organizations in Massachusetts have chosen to settle class action lawsuits that were filed by patients whose protected health information was stolen in cyberattacks. Claims can also be submitted for documented extraordinary losses incurred between February 9 and February 14, 2021, up to a maximum of $5,000.

Hospitals

Hospitals Ransomware HIPAA Health Insurance

Cyberattack and Data Destruction Reported by First Street Family Health

HIPAA Journal

AUGUST 31, 2022

This method of attack is becoming more common, where data is stolen, deleted, and then threats are issued to publish or sell the data if payment is not made to the attackers, but files are not encrypted using ransomware. Northeast Rehabilitation Hospital Network Notifies Patients About 2021 Cyberattack.

Electronic Medical Records

Electronic Medical Records Ransomware HIPAA Health Insurance

Michigan Law Firm and Medical Imaging Companies Confirm Breaches of Patient Information

HIPAA Journal

SEPTEMBER 8, 2022

The Michigan law firm, Warner Norcross and Judd LLP, has issued notification letters to 255,160 individuals advising them about an October 2021 security breach in which files containing their personal and protected health information were potentially accessed and exfiltrated from its systems.

Fraud

Fraud Health Insurance Ransomware HIPAA

Updates on Cyberattacks on Goodman Campbell Brain and Spine and Behavioral Health Group

HIPAA Journal

AUGUST 8, 2022

Carmel, IN-based Goodman Campbell Brain and Spine has started notifying 363,000 current and former patients that some of their protected health information was stolen prior to data being encrypted with ransomware and some of the stolen data has been published on the gang’s dark web data leak site.

Ransomware

Ransomware Electronic Medical Records HIPAA Licensing

San Diego Family Care Agrees to $1 Million Settlement to Resolve Class Action Data Breach Lawsuit

HIPAA Journal

JUNE 16, 2022

San Diego Family Care, a Californian provider of medical, dental, & mental health services, has agreed to settle a class action lawsuit filed by patients affected by a data breach in 2020. The security breach occurred in December 2020 at a technology provider and business associate, Netgain Technologies, and involved ransomware.

Ransomware

Ransomware Health Insurance HIPAA Governance

Unlimited Care and Nonstop Administration and Insurance Services Confirm PHI Exposure

HIPAA Journal

APRIL 13, 2023

Nonstop Administration and Insurance Services Reports Unauthorized Data Access Nonstop Administration and Insurance Services (NAIS), an administrator of health insurance benefits for employer groups, has recently announced that the protected health information of employees of its clients has been exposed.

Ransomware

Ransomware Health Insurance HIPAA

JDC Healthcare Management Data Breach Affects More than 1 Million Texans

HIPAA Journal

MARCH 21, 2022

As previously reported on this site, JDC Healthcare Management detected malware within its IT network on or around August 9, 2021, with the forensic investigation into the security breach confirming the malware was downloaded onto its systems on July 27, 2021. Wheeling Health Right Inc. Suffers Ransomware Attack.

Ransomware

Ransomware Licensing HIPAA Health Insurance

Editorial: Why Do Criminals Target Medical Records

HIPAA Journal

OCTOBER 14, 2022

2021 saw 714 data breaches of 500 or more records reported to the OCR – an 11% increase from the previous year. Large health systems store millions of patient records and even relatively small healthcare providers may store the records of hundreds of thousands of patients. How do Hackers Make Money from Stolen Medical Data?

Ransomware

Ransomware HIPAA Health Insurance Hospitals

4 Data Security Challenges for Healthcare Organizations in 2022

HIT Consultant

DECEMBER 21, 2022

The key challenges faced by the industry include Data Breaches, Ransomware, Extensive use of Mobile Applications without proper ways to perform Authentication and Authorization and Lack of Healthcare Data Interoperability. million in 2021. Recent Data Breaches: – November 2022: Ransomware Hacker Steals Medibank Data on 9.7m

Ransomware

Ransomware HIPAA Health Insurance Governance

PHI Exposed in Cyberattacks on Methodist McKinny Hospital and Columbia River Mental Health Services

HIPAA Journal

AUGUST 25, 2022

The preliminary investigation has confirmed that the files contained names, addresses, Social Security numbers, birth dates, medical history information, medical diagnosis information, treatment information, medical record numbers, and health insurance information. It is currently unclear how many individuals have been affected.

Hospitals

Hospitals Ransomware HIPAA Health Insurance

Resources for Human Development, WellStar Health & Central Vermont Eye Care Announce Data Breaches

HIPAA Journal

APRIL 13, 2022

LockBit Ransomware Gang Claims Data Stolen from Tague Family Practice. The LockBit ransomware gang claims to have gained access to the systems of Tague Family Practice in St. Louis, MO, and exfiltrated sensitive data, some of which contained patients’ personal and protected health information.

Ransomware

Ransomware Licensing HIPAA Health Insurance

Michigan Law Firm and Texas Medical Imaging Company Confirm Breaches of Patient Information

HIPAA Journal

SEPTEMBER 8, 2022

The Michigan law firm, Warner Norcross and Judd LLP, has issued notification letters to 255,160 individuals advising them about an October 2021 security breach in which files containing their personal and protected health information were potentially accessed and exfiltrated from its systems.

Fraud

Fraud Health Insurance Ransomware HIPAA

2022 Healthcare Data Breach Report

HIPAA Journal

JANUARY 24, 2023

million records in 2021 to 51.9 The theft of protected health information places patients and health plan members at risk of identity theft and fraud, but by far the biggest concern is the threat to patient safety. Scripps Health suffered a data breach of 1.2 million records in 2021 due to a ransomware attack.

Ransomware

Ransomware HIPAA Hospitals Fraud

Editorial: Lessons from Biggest HIPAA Breaches of 2022

HIPAA Journal

DECEMBER 23, 2022

million patients and health plan members. OneTouch Point – Ransomware Attack Involving 4.11 Hackers had gained access to its network and used ransomware to encrypt files, with that information also potentially stolen in the attack. Professional Finance Company – Ransomware Attack Involving 1.92 Million Records.

HIPAA

HIPAA Ransomware Health Insurance Compliance

Receivables Performance Management Data Breach Affects More Than 3.7 Million Individuals

HIPAA Journal

DECEMBER 12, 2022

Receivables Performance Management (RPM) in Lynnwood, WA, a business associate of several HIPAA-covered entities, has recently started notifying individuals affected by a 2021 ransomware attack. The incident was detected on May 12, 2021, with the investigation confirming its systems were first breached on April 8, 2021.

HIPAA

HIPAA Hospitals Ransomware Licensing

Fast Track Urgent Care Confirms 258,411 Individuals Affected by 2021 PracticeMax Ransomware Attack

San Andreas Regional Center Agrees to Settle 2021 Ransomware Attack Lawsuit

Trending Sources

6 Healthcare Providers and Business Associates Report Hacks and Ransomware Attacks

SAC Health Theft Incident and Multiple Ransomware Attacks Reported

Four Healthcare Providers Hit with Ransomware Attacks

Up to 2,592,494 individuals Affected by Smile Brands Ransomware Attack

Ransomware Attack Triggers Multiple Lawsuits Against Harvard Pilgrim Healthcare & Point32Health

Law Enforcement Health Benefits and Oklahoma City Indian Clinic Suffer Ransomware Attacks

Ransomware Gangs Claim Health Plan and Healthcare Provider Attacked

Refuah Health Center Alerts 260K Patients About May 2021 Cyberattack

Planned Parenthood Los Angeles Settles Class Action Data Breach Lawsuit for $6 Million

Maternal & Family Health Services Sued Over Ransomware Attack and Data Breach

Eye Care Leaders Breach: Ransomware Attack Claims New Victims

Morley Companies Ransomware Hack Leaks Data for 500k+

Patient Data Stolen in July 2021 Cyberattack on Chelan Douglas Health District

PHI Potentially Compromised in Ransomware Attacks at MD, TX, and FL Healthcare Providers

Associates in Dermatology Patients Affected by Business Associate Ransomware Attack

Notifications Recently Sent to Alert Individuals About September 2020 and February 2021 Cyberattacks

Breach Barometer Report Shows Over 50 Million Healthcare Records Were Breached in 2021

Forefront Dermatology Proposes $3.75 Million Settlement to Resolve Ransomware Lawsuit

Is Zero Trust the Remedy to Healthcare’s Ransomware Epidemic?

Schneck Medical Center Settles HIPAA Lawsuit with Indiana AG

Hacking and IT Incidents Affect 563,000 Patients and Health Plan Members

Electromed Proposes $825,000 Class Action Data Breach Settlement

New York Law Firm Pays $200,000 to State AG to Resolve HIPAA Violations

Healthcare Sees 60% YoY Increase in Cyberattacks

Email Incidents Reported by Ultimate Care, CareOregon Advantage, and University Medical Center Southern Nevada

Patient Data Likely Lost Due to Cyberattack on Mercy Medical Center – Clinton

PHI of Over 500,000 Individuals Potentially Compromised in 4 Security Incidents

Sturdy Memorial Hospital & North Shore Pain Management Settle Data Breach Lawsuits

Cyberattack and Data Destruction Reported by First Street Family Health

Michigan Law Firm and Medical Imaging Companies Confirm Breaches of Patient Information

Updates on Cyberattacks on Goodman Campbell Brain and Spine and Behavioral Health Group

San Diego Family Care Agrees to $1 Million Settlement to Resolve Class Action Data Breach Lawsuit

Unlimited Care and Nonstop Administration and Insurance Services Confirm PHI Exposure

JDC Healthcare Management Data Breach Affects More than 1 Million Texans

Editorial: Why Do Criminals Target Medical Records

4 Data Security Challenges for Healthcare Organizations in 2022

PHI Exposed in Cyberattacks on Methodist McKinny Hospital and Columbia River Mental Health Services

Resources for Human Development, WellStar Health & Central Vermont Eye Care Announce Data Breaches

Michigan Law Firm and Texas Medical Imaging Company Confirm Breaches of Patient Information

2022 Healthcare Data Breach Report

Editorial: Lessons from Biggest HIPAA Breaches of 2022

Receivables Performance Management Data Breach Affects More Than 3.7 Million Individuals

Stay Connected