Data Breaches Reported by The Hutchinson Clinic & 90 Degree Benefits
The Hutchinson Clinic Reports December 2022 Hacking Incident
The Hutchinson, KS-based healthcare provider, The Hutchinson Clinic, has recently announced that hackers accessed its network between December 19, 2022, and December 22, 2022, and during that time, files containing patient data may have been accessed and stolen. According to the clinic’s website data breach notice, the impacted information included names, contact information, birth dates, Social Security numbers, driver’s license numbers, health insurance information, medical record numbers (MRN), medical histories, diagnoses, treatment information, and physician names.
The exposed files are currently being reviewed and notifications will be mailed to affected individuals when that process is completed. The Hutchinson Clinic said it has conducted a review of its policies and procedures and will be implementing additional administrative and technical safeguards to better secure its systems and prevent further incidents of this nature.
The HHS’ Office for Civil Right website indicates up to 100,000 patients have been affected.
90 Degree Benefits Reports Hacking Incident Affecting 175,000 Individuals
On February 8, 2023, the Wisconsin-based employee benefits company, 90 Degree Benefits Inc., reported a data breach to the HHS’ Office for Civil Rights that involved the protected health information of 175,000 individuals. There is currently no notice on the 90 Degree Benefits website about the data breach, and currently, all that is known is that this was a hacking/IT incident involving a network server.
Get The FREE
HIPAA Compliance Checklist
Immediate Delivery of Checklist Link To Your Email Address
Please Enter Correct Email Address
Your Privacy Respected
HIPAA Journal Privacy Policy
This is the second large-scale data breach to be reported by the firm. On June 6, 2022, 90 Degree Benefits reported a breach to the HHS’ Office for Civil Rights that affected 172,450 individuals. The breach was discovered on February 27, 2022, with the forensic investigation determining hackers had access to its network between February 24 and February 27, 2022. The hackers potentially stole information such as names, addresses, and Social Security numbers.
Bridgewater-Raritan Regional School District Announced Breach of Health Plan Data
Bridgewater-Raritan Regional School District has recently confirmed that hackers gained access to its computer network in December 2022 and potentially viewed or obtained the information of employees who were enrolled in its Health Benefit Plan. Suspicious activity was detected within its network on December 12, 2022, and a third-party cybersecurity firm was engaged to investigate. The investigation confirmed its systems were accessed by unauthorized individuals between December 10 and December 12. During that time, files containing names, Social Security numbers, and enrolment selection information may have been accessed. Affected employees were notified on January 27, 2023, and were offered complimentary memberships to an identity theft monitoring service.
The breach was reported to the HHS’ Office for Civil Rights as affecting up to 3,909 individuals.