HIPAA Journal

MARCH 30, 2022

Oklahoma City Indian Clinic and Law Enforcement Health Benefits Inc. have confirmed they were recent victims of cyberattacks, both of which involved the use of ransomware. Ransomware Attack Affects 85,282 Law Enforcement Health Benefits Members. Law Enforcement Health Benefits, Inc.

Ransomware 127

Ransomware Electronic Medical Records Licensing HIPAA 127

HIPAA Journal

AUGUST 8, 2023

The LockBit ransomware group has added Varian Medical Systems to its data leak site and has threatened to publish the data of cancer patients if the ransom is not paid. McAlester Regional Health Center has not verified the claim and has yet to announce a data breach on its website or report the incident to the HHS’ Office for Civil Rights.

Ransomware 90

Ransomware Licensing HIPAA Health Insurance 90

HIPAA Journal

MARCH 10, 2023

According to the notifications, unauthorized individuals gained access to its network and used ransomware to encrypt files. MFHS said the sophisticated ransomware attack was discovered in April 2022. The post Maternal & Family Health Services Sued Over Ransomware Attack and Data Breach appeared first on HIPAA Journal.

Ransomware 84

Ransomware HIPAA Licensing Health Insurance 84

HIPAA Journal

JULY 17, 2023

Attacks that involve the theft of naked images offer threat actors an easy way to increase pressure on the victim to make payment, as was the case with a ransomware attack on Lehigh Valley Health Network earlier this year by the ALPHV/BlackCat ransomware group.

Ransomware 94

Ransomware HIPAA Licensing Health Insurance 94

HIPAA Journal

JANUARY 5, 2023

Back in June 2022 , HIPAA Journal reported on a cyberattack on Fitzgibbon Hospital in Marshall, MO, after being contacted directly by a spokesperson for a threat group called DAIXIN Team, who claimed responsibility for the attack. The post Ransomware Attack at Fitzgibbon Hospital Affects 112,000 Patients appeared first on HIPAA Journal.

Ransomware 114

Ransomware Hospitals HIPAA Licensing 114

HIPAA Journal

MARCH 10, 2022

The files exfiltrated from its systems included the protected health information of patients. Individuals whose Social Security number, driver’s license, state identification number, or financial account information may have been involved have been offered complimentary credit monitoring services. DataHealth. Dr. Douglas C.

Ransomware 124

Ransomware Licensing Health Insurance Hospitals 124

HIPAA Journal

APRIL 23, 2024

Notification letters have been sent to more than 34,500 individuals about ransomware attacks that occurred more than 9 months ago. The post Kisco Senior Living & Island Ambulatory Surgery Center Disclose Summer 2023 Cyberattacks appeared first on HIPAA Journal.

Ransomware 99

Ransomware Fraud Licensing HIPAA 99

HIPAA Journal

DECEMBER 23, 2022

It has been another bad year for healthcare data breaches, with some of the biggest HIPAA breaches of 2022 resulting in the impermissible disclosure of well over a million records. The Biggest HIPAA Breaches of 2022. The 12 biggest HIPAA breaches of 2022 affected almost 22.66 million patients and health plan members.

HIPAA 81

HIPAA Ransomware Health Insurance Compliance 81

HIPAA Journal

APRIL 28, 2022

Irvine, CA-based Smile Brands, a provider of support services for dental offices, has recently provided an update on the number of individuals affected by a ransomware attack that was discovered on April 24, 2021. The post Up to 2,592,494 individuals Affected by Smile Brands Ransomware Attack appeared first on HIPAA Journal.

Ransomware 109

Ransomware Health Insurance HIPAA Licensing 109

HIPAA Journal

MAY 26, 2023

That appears to be the case with two recent cyberattacks, neither of which mention ransomware or confirm that data theft occurred. Since it appears from the claims of the ransomware groups that data has been stolen, affected individuals should ensure they take advantage of those complimentary services. provide more information.

Ransomware 60

Ransomware Health Insurance HIPAA Licensing 60

HIPAA Journal

SEPTEMBER 14, 2022

Medical Associates of the Lehigh Valley in Pennsylvania (MATLV) has announced that it recently fell victim to a sophisticated ransomware attack on its network. The post Ransomware Attack on Medical Associates of the Lehigh Valley Affects 75K Patients appeared first on HIPAA Journal.

Ransomware 85

Ransomware Licensing HIPAA Health Insurance 85

HIPAA Journal

AUGUST 10, 2023

The Ottumwa Fire Department in Iowa has recently fired employees for alleged violations of the HIPAA Rules and other misconduct. The post Ottumwa Fire Department Fires Employees for Misconduct and HIPAA Violations appeared first on HIPAA Journal. The information involved varied from individual to individual.

HIPAA 70

HIPAA Ransomware Licensing Health Insurance 70

HIPAA Journal

NOVEMBER 8, 2023

Mulkay Cardiology Consultants at Holy Name Medical Center has recently confirmed that it fell victim to a ransomware attack. The compromised information included names, addresses, dates of birth, Social Security numbers, driver’s license numbers or state IDs, medical treatment information, and health insurance information.

Ransomware 97

Ransomware Licensing Health Insurance HIPAA 97

HIPAA Journal

NOVEMBER 28, 2022

(HHS) has recently announced that it was the victim of a ransomware attack. The investigation revealed an unauthorized third party first accessed its systems on June 10, 2022, several days prior to using ransomware to encrypt files. Ransomware Attack Affects Patients of Disability Services of the Southwest.

Ransomware 105

Ransomware Electronic Medical Records HIPAA Licensing 105

HIPAA Journal

NOVEMBER 21, 2022

The Wisconsin-based dermatology practice, Forefront Dermatology, has agreed to settle a class action lawsuit filed on behalf of patients whose protected health information (PHI) was compromised in a ransomware attack in late May 2021. Million Settlement to Resolve Ransomware Lawsuit appeared first on HIPAA Journal.

Ransomware 64

Ransomware Fraud HIPAA Licensing 64

HIPAA Journal

NOVEMBER 17, 2022

Salud Family Health Provides Update on September 2022 Ransomware Attack. Colorado-based Salud Family Health, a Federal Qualified Health Center (FQHC), has recently provided an update on a September 2022 cyberattack and has confirmed that patient data was potentially stolen. The electronic record system was unaffected.

Ransomware 81

Ransomware Health Insurance Hospitals Fraud 81

HIPAA Journal

SEPTEMBER 8, 2023

Just Kids Dental Suffers Ransomware Attack Acadia Health, LLC, doing business as Just Kids Dental, has started notifying 129,623 patients that some of their protected health information was stolen in an August 2, 2023, ransomware attack. The incident was detected on August 8, 2023, after files were encrypted.

Licensing 98

Licensing Ransomware Health Insurance HIPAA 98

HIPAA Journal

JUNE 8, 2023

Names, addresses, Social Security numbers, and health insurance were impermissibly disclosed. A few days later, on April 5, 2023, SJBHR was the victim of a ransomware attack that resulted in files being encrypted on certain computer systems. Amerigroup is sending notification letters to those individuals.

Medicaid 81

Medicaid Medicaid Ransomware Health Insurance 81

HIPAA Journal

MARCH 29, 2023

Atlantic General Hospital – Ransomware Attack Atlantic General Hospital (AGH) in Berlin, MD, has recently reported a ransomware attack to the Maine Attorney General that has affected up to 30,704 individuals. The post Hacking Incidents Reported by Atlantic General and Lawrence General Hospitals appeared first on HIPAA Journal.

Hospitals 99

Hospitals Ransomware Licensing Health Insurance 99

HIPAA Journal

FEBRUARY 8, 2024

The list of affected individuals has yet to be finalized, but Covenant Care California has confirmed that the incident involved the following information: name, date of birth, medical information, and/or health insurance information, including diagnosis or treatment information and/or claims and billing information.

Ransomware 81

Ransomware Electronic Medical Records Licensing Health Insurance 81

HIPAA Journal

AUGUST 2, 2023

The files contained information such as names, birthdates, signatures, insurance details, contact information, government identification numbers including driver’s licenses and Social Security numbers, medical history/treatment information, and financial information.

Licensing 72

Licensing Electronic Medical Records Ransomware Health Insurance 72

HIPAA Journal

MAY 24, 2023

The threat actor exfiltrated sensitive data from its systems and then deployed ransomware to encrypt files. The leaked data included screenshots of 13 patients’ protected health information. The leaked data included screenshots of 13 patients’ protected health information.

HIPAA 100

HIPAA Ransomware Licensing Health Insurance 100

HIPAA Journal

FEBRUARY 15, 2023

The medical device manufacturer Electromed has proposed a $850,000 settlement to resolve claims related to a June 2021 ransomware attack and data breach involving the protected health information of 47,200 individuals. The post Electromed Proposes $825,000 Class Action Data Breach Settlement appeared first on HIPAA Journal.

Ransomware 83

Ransomware Fraud Licensing Health Insurance 83

HIPAA Journal

DECEMBER 29, 2022

The review of the exfiltrated files determined they contained information such as names, addresses, dates of birth, medical record numbers, patient identification numbers, health insurance information, payment information, and limited clinical information. Ransomware Attack Affects 6,800 Patients of Midwest Orthopaedic Consultants.

Ransomware 95

Ransomware Health Insurance Licensing Medical Billing 95

HIPAA Journal

DECEMBER 2, 2022

San Juan Regional Medical Center stated at the time that this was a malware, rather than a ransomware attack. While legal action was not taken over a HIPAA violation, the lawsuit alleged the lack of appropriate safeguards constituted a HIPAA violation. All claims must be submitted by February 8, 2023.

Licensing 87

Licensing HIPAA Ransomware Health Insurance 87

HIPAA Journal

MAY 24, 2022

While PHC did not state the nature of the cyberattack in its breach notification, the Hive ransomware gang has claimed responsibility for the attack and alleges around 400 GB of files were stolen, a sample of which was temporarily uploaded to the group’s data leak site.

Ransomware 132

Ransomware Licensing HIPAA Health Insurance 132

HIPAA Journal

JULY 25, 2023

Wake Family Eye Care Suffers Ransomware Attack Wake Family Eye Care in Cary, NC, recently fell victim to a ransomware attack. The investigation confirmed that hackers had access to systems where protected health information was stored between April 30, 2023, and May 8, 2023. Financial information was not compromised.

Ransomware 80

Ransomware Licensing HIPAA Health Insurance 80

HIPAA Journal

JULY 27, 2023

UT Southwestern Medical Center (UTSW) has recently confirmed that the protected health information of 98,437 patients was stolen in a cyberattack on May 28, 2023. Family Vision of Anderson Suffers Ransomware Attack Family Vision of Anderson in South Carolina was the victim of a May 2023 ransomware attack.

Ransomware 86

Ransomware Licensing Health Insurance HIPAA 86

HIPAA Journal

MARCH 25, 2022

AHA discovered the email breach in early September 2021 and determined on December 2, 2021, that files containing the protected health information of its healthcare provider clients had been accessed. UMC was a victim of a REvil ransomware attack in June 2021 that resulted in the theft of the protected health information of 1.3

Health Insurance 107

Health Insurance Licensing Ransomware Fraud 107

HIPAA Journal

JULY 31, 2023

a government services contracting company, has announced in a Securities and Exchange Commission (SEC) filing that hackers exploited a zero-day vulnerability in Progress Software’s MOVEit Transfer solution in May 2023 and accessed the protected health information (PHI) of between 8 and 11 million individuals. Reston, VA-based Maximus Inc.,

Governance 71

Governance Medicare Medicare Ransomware 71

HIPAA Journal

OCTOBER 4, 2022

The compromised files contained full names, addresses, dates of birth, gender, driver’s license numbers, Social Security numbers, health insurance information, and medical information, such as diagnosis/treatment information, lab results, and medications.

Ransomware 95

Ransomware Health Insurance HIPAA Licensing 95

HIPAA Journal

MAY 17, 2022

The review of the files revealed they mostly contained protected health information such as names, addresses, medical information, and/or health insurance information. Ransomware Attack Affects 28,000 FPS Medical Center Patients.

Health Insurance 94

Health Insurance Licensing Ransomware HIPAA 94

HIPAA Journal

OCTOBER 7, 2022

The files related to invoices sent to CSI Health Care provider customers which were most likely obtained to support the BEC scam. The files typically only contained patient names and identifiers (patient numbers), although some files contained further information such as dates of birth and health insurance information.

Ransomware 99

Ransomware Health Insurance HIPAA Licensing 99

HIPAA Journal

APRIL 13, 2022

LockBit Ransomware Gang Claims Data Stolen from Tague Family Practice. The LockBit ransomware gang claims to have gained access to the systems of Tague Family Practice in St. Louis, MO, and exfiltrated sensitive data, some of which contained patients’ personal and protected health information.

Ransomware 114

Ransomware Licensing HIPAA Health Insurance 114

HIPAA Journal

JUNE 8, 2023

Mercy Medical Center did not state whether ransomware was involved but said data had to be restored from backups and some data has likely been lost. The post Patient Data Likely Lost Due to Cyberattack on Mercy Medical Center – Clinton appeared first on HIPAA Journal. The group says files are being prepared for publication.

Ransomware 95

Ransomware HIPAA Licensing Health Insurance 95

HIPAA Journal

OCTOBER 14, 2022

Data compiled by HIPAA Journal from breach reports submitted to the HHS’ Office for Civil Rights (OCR) show the number of data breaches reported by HIPAA-regulated entities continues to increase every year. Many of the hacking incidents now being reported by healthcare providers involve the use of ransomware.

Ransomware 111

Ransomware HIPAA Health Insurance Hospitals 111

HIPAA Journal

APRIL 14, 2023

Southwest Healthcare Services said the compromised information included names, addresses, birth dates, medical record numbers, internal identification numbers, driver’s license numbers, state identification numbers, clinical and treatment information, and health insurance information.

Medicaid 94

Medicaid Medicaid Ransomware HIPAA 94