HIPAA Journal

JULY 17, 2023

Attacks that involve the theft of naked images offer threat actors an easy way to increase pressure on the victim to make payment, as was the case with a ransomware attack on Lehigh Valley Health Network earlier this year by the ALPHV/BlackCat ransomware group. Gary Motykie were also published online.

Ransomware 95

Ransomware HIPAA Licensing Health Insurance 95

HIPAA Journal

FEBRUARY 16, 2022

Family Christian Health Center (FCHC) in Illinois has announced it was the victim of a ransomware attack in November 2021 that compromised the protected health information of 31,000 patients. Patient Data Potentially Compromised in Jackson County Hospital Ransomware Attack. FCHC said it has implemented additional technical safeguards.

Ransomware 119

Ransomware Hospitals Licensing HIPAA 119

HIPAA Journal

AUGUST 8, 2023

The LockBit ransomware group has added Varian Medical Systems to its data leak site and has threatened to publish the data of cancer patients if the ransom is not paid. The post LockBit Ransomware Group Threatens to Publish Stolen Cancer Patient Data appeared first on HIPAA Journal.

Ransomware 92

Ransomware Licensing HIPAA Health Insurance 92

HIPAA Journal

AUGUST 3, 2022

Fast Track Urgent Care, a network of urgent healthcare clinics in Florida, has confirmed that 258,411 individuals have had their protected health information exposed and potentially stolen in a ransomware attack on billing and practice management vendor, PracticeMax.

Ransomware 103

Ransomware Health Insurance Licensing HIPAA 103

HIPAA Journal

MARCH 10, 2023

According to the notifications, unauthorized individuals gained access to its network and used ransomware to encrypt files. MFHS said the sophisticated ransomware attack was discovered in April 2022. The post Maternal & Family Health Services Sued Over Ransomware Attack and Data Breach appeared first on HIPAA Journal.

Ransomware 84

Ransomware HIPAA Licensing Health Insurance 84

HIPAA Journal

MARCH 10, 2022

Individuals whose Social Security number, driver’s license, state identification number, or financial account information may have been involved have been offered complimentary credit monitoring services. Morrow has recently announced that hackers gained access to his IT systems and used ransomware to encrypt data. DataHealth.

Ransomware 125

Ransomware Licensing Health Insurance Hospitals 125

HIPAA Journal

MAY 26, 2023

That appears to be the case with two recent cyberattacks, neither of which mention ransomware or confirm that data theft occurred. Since it appears from the claims of the ransomware groups that data has been stolen, affected individuals should ensure they take advantage of those complimentary services. provide more information.

Ransomware 58

Ransomware Health Insurance HIPAA Licensing 58

HIPAA Journal

AUGUST 29, 2023

Medical records extracted during the recent Prospect Medical Holdings ransomware attack are being allegedly offered for sale on the dark web according to social media sources. The post Medical Records from Prospect Ransomware Attack Appear on Dark Web appeared first on HIPAA Journal.

Ransomware 52

Ransomware Licensing HIPAA Hospitals 52

HIPAA Journal

NOVEMBER 28, 2022

(HHS) has recently announced that it was the victim of a ransomware attack. The investigation revealed an unauthorized third party first accessed its systems on June 10, 2022, several days prior to using ransomware to encrypt files. Ransomware Attack Affects Patients of Disability Services of the Southwest.

Ransomware 103

Ransomware Electronic Medical Records HIPAA Licensing 103

HIPAA Journal

JANUARY 5, 2023

Fitzgibbon Hospital said it discovered on December 1, 2022, that some patient data had been compromised in the attack including “full names, Social Security numbers, driver’s license numbers, financial account numbers, health insurance information, and/or medical information,” with the data involved varying from individual to individual.

Ransomware 111

Ransomware Hospitals HIPAA Licensing 111

HIPAA Journal

APRIL 28, 2022

Irvine, CA-based Smile Brands, a provider of support services for dental offices, has recently provided an update on the number of individuals affected by a ransomware attack that was discovered on April 24, 2021. The post Up to 2,592,494 individuals Affected by Smile Brands Ransomware Attack appeared first on HIPAA Journal.

Ransomware 106

Ransomware Health Insurance HIPAA Licensing 106

HIPAA Journal

SEPTEMBER 14, 2022

Medical Associates of the Lehigh Valley in Pennsylvania (MATLV) has announced that it recently fell victim to a sophisticated ransomware attack on its network. The post Ransomware Attack on Medical Associates of the Lehigh Valley Affects 75K Patients appeared first on HIPAA Journal.

Ransomware 85

Ransomware Licensing HIPAA Health Insurance 85

HIPAA Journal

AUGUST 16, 2022

In August 2021, the Vice Society ransomware operation published data on its data leak site that had allegedly been obtained in a ransomware attack on United Health Centers of San Joaquin Valley. On August 31, 2021, Bleeping Computer was made aware of the data leak and made multiple attempts to notify United Health Centers.

Ransomware 97

Ransomware HIPAA Licensing Governance 97

HIPAA Journal

NOVEMBER 21, 2022

The Wisconsin-based dermatology practice, Forefront Dermatology, has agreed to settle a class action lawsuit filed on behalf of patients whose protected health information (PHI) was compromised in a ransomware attack in late May 2021. Million Settlement to Resolve Ransomware Lawsuit appeared first on HIPAA Journal.

Ransomware 61

Ransomware Fraud HIPAA Licensing 61

HIPAA Journal

NOVEMBER 8, 2023

Mulkay Cardiology Consultants at Holy Name Medical Center has recently confirmed that it fell victim to a ransomware attack. The compromised information included names, addresses, dates of birth, Social Security numbers, driver’s license numbers or state IDs, medical treatment information, and health insurance information.

Ransomware 95

Ransomware Licensing Health Insurance HIPAA 95

HIPAA Journal

NOVEMBER 17, 2022

Salud Family Health Provides Update on September 2022 Ransomware Attack. The breach was reported to the HHS’ Office for Civil Rights using a placeholder of 501 and that figure has yet to be updated on the OCR breach portal; however, the threat actor behind the attack – the Lorenz ransomware group – has dumped a sample of the files online.

Ransomware 77

Ransomware Health Insurance Hospitals Fraud 77

HIPAA Journal

SEPTEMBER 8, 2023

Just Kids Dental Suffers Ransomware Attack Acadia Health, LLC, doing business as Just Kids Dental, has started notifying 129,623 patients that some of their protected health information was stolen in an August 2, 2023, ransomware attack. Credit monitoring services are being offered to the affected individuals for 12 months at no cost.

Licensing 97

Licensing Ransomware Health Insurance HIPAA 97

HIPAA Journal

FEBRUARY 8, 2024

For some individuals, the information may include also Social Security number, financial account or credit/debit card numbers, driver’s license or state/federal identification number, and/or other personal information.

Ransomware 80

Ransomware Electronic Medical Records Licensing Health Insurance 80

HIPAA Journal

JUNE 22, 2023

Information potentially compromised included names in combination with one or more of the following data elements: date of birth, address, phone number, Social Security Number, driver’s license number, and health information such as medical diagnosis, treatment information, and pharmaceutical records.

Ransomware 76

Ransomware Licensing HIPAA 76

HIPAA Journal

AUGUST 2, 2023

The files contained information such as names, birthdates, signatures, insurance details, contact information, government identification numbers including driver’s licenses and Social Security numbers, medical history/treatment information, and financial information.

Licensing 74

Licensing Electronic Medical Records Ransomware Health Insurance 74

HIPAA Journal

JUNE 8, 2023

A few days later, on April 5, 2023, SJBHR was the victim of a ransomware attack that resulted in files being encrypted on certain computer systems. In response to the ransomware attack, policies and procedures have been reviewed and additional data security measures have been implemented.

Medicaid 83

Medicaid Medicaid Ransomware Health Insurance 83

HIPAA Journal

FEBRUARY 15, 2023

The medical device manufacturer Electromed has proposed a $850,000 settlement to resolve claims related to a June 2021 ransomware attack and data breach involving the protected health information of 47,200 individuals. A lawsuit – Lutz, et al.

Ransomware 82

Ransomware Fraud Licensing Health Insurance 82

HIPAA Journal

DECEMBER 29, 2022

Southwest Louisiana Health Care System did not disclose the exact nature of the cyberattack, but the Hive ransomware gang claimed responsibility. While Hive is known for using ransomware to encrypt files, the gang claims only to have exfiltrated patient data. Ransomware Attack Affects 6,800 Patients of Midwest Orthopaedic Consultants.

Ransomware 94

Ransomware Health Insurance Licensing Medical Billing 94

HIPAA Journal

MARCH 29, 2023

Atlantic General Hospital – Ransomware Attack Atlantic General Hospital (AGH) in Berlin, MD, has recently reported a ransomware attack to the Maine Attorney General that has affected up to 30,704 individuals. The attack was detected on January 29, 2023, when files were discovered to have been encrypted.

Hospitals 96

Hospitals Ransomware Licensing Health Insurance 96

AIHC

MARCH 12, 2024

As technology advances, so do cyber criminals When it comes to cyberattacks and cyber extortion (ransomware attacks), health care organization continue to suffer as prime targets and continue to struggle to recover after an attack. What can be done to remain secure, given AI-enhanced cyberthreats?

Ransomware 59

Ransomware Governance Compliance HIPAA 59

HIPAA Journal

JULY 25, 2023

Wake Family Eye Care Suffers Ransomware Attack Wake Family Eye Care in Cary, NC, recently fell victim to a ransomware attack. The stolen files included individuals’ names, dates of birth, driver’s license information, Social Security number, medical information, and health insurance information.

Ransomware 82

Ransomware Licensing HIPAA Health Insurance 82

HIPAA Journal

FEBRUARY 23, 2023

The attacks have prompted the Health Sector Cybersecurity Coordination Center (HC3) to issue a further warning about the Clop ransomware group, which claimed responsibility for the attacks. In these attacks, the group said it could have deployed ransomware but chose not to do so, instead opting for an extortion-only approach.

Ransomware 58

Ransomware Licensing HIPAA Public Health 58

HIPAA Journal

JULY 27, 2023

The Clop ransomware group exploited a zero-day vulnerability in Progress Software’s MOVEit file transfer solution, gained access to UTSW’s MOVEit server, and exfiltrated files that contained names, medical record numbers, dates of birth, medication names, medication dosages, prescribing provider names.

Ransomware 89

Ransomware Licensing Health Insurance HIPAA 89

HIPAA Journal

SEPTEMBER 12, 2023

Seymour, IN-based Schneck Medical Center has settled a lawsuit with the Indiana attorney general, Todd Rokita, over a 2021 ransomware attack and data breach that affected 89,707 Indiana residents. Schneck Medical Center Compensates Patients for Losses Schneck Medical Center has also recently settled a consolidated class action lawsuit for $1.3

HIPAA 87

HIPAA Ransomware Health Insurance Fraud 87

HIPAA Journal

MAY 24, 2022

While PHC did not state the nature of the cyberattack in its breach notification, the Hive ransomware gang has claimed responsibility for the attack and alleges around 400 GB of files were stolen, a sample of which was temporarily uploaded to the group’s data leak site.

Ransomware 132

Ransomware Licensing HIPAA Health Insurance 132

HIPAA Journal

JUNE 8, 2023

Mercy Medical Center did not state whether ransomware was involved but said data had to be restored from backups and some data has likely been lost. The attack did not affect patient care but prevented access to its systems while the attack was remediated.

Ransomware 94

Ransomware HIPAA Licensing Health Insurance 94

HIPAA Journal

DECEMBER 2, 2022

San Juan Regional Medical Center stated at the time that this was a malware, rather than a ransomware attack. Complimentary credit monitoring services were offered to patients for a period of 12 months.

Licensing 86

Licensing HIPAA Ransomware Health Insurance 86

HIPAA Journal

JUNE 24, 2022

A limited number of individuals also had their Social Security numbers, driver’s license/state ID numbers, and/or financial account information exposed. Patient Data Stolen in Ransomware Attack on Heartland Healthcare Services. Atrium Health said there have been no reported cases of misuse of patient data.

Ransomware 114

Ransomware Licensing HIPAA Health Insurance 114

HIPAA Journal

MARCH 21, 2022

Suffers Ransomware Attack. in West Virginia has announced it was the victim of a ransomware attack in January 2022. The breach report submitted to the Texas Attorney General indicates the ePHI of 1,026,820 Texans was potentially compromised. Wheeling Health Right Inc. Wheeling Health Right Inc.

Ransomware 97

Ransomware Licensing HIPAA Health Insurance 97

HIPAA Journal

JUNE 8, 2023

Shasta Community Health Center Impacted by Alvaria Ransomware Attack Shasta Community Health Center in Redding, CA, has recently confirmed that patient data was compromised in a ransomware attack on its business associate, Alvaria, Inc. Alvaria confirmed in February that it was the victim of a Hive ransomware attack in November 2022.

Ransomware 81

Ransomware Hospitals Medical Billing HIPAA 81

HIPAA Journal

APRIL 13, 2022

LockBit Ransomware Gang Claims Data Stolen from Tague Family Practice. The LockBit ransomware gang claims to have gained access to the systems of Tague Family Practice in St. The theft occurred on or around January 27, 2022, and was discovered by RHD on February 16, 2022.

Ransomware 111

Ransomware Licensing HIPAA Health Insurance 111

HIPAA Journal

AUGUST 8, 2022

Carmel, IN-based Goodman Campbell Brain and Spine has started notifying 363,000 current and former patients that some of their protected health information was stolen prior to data being encrypted with ransomware and some of the stolen data has been published on the gang’s dark web data leak site.

Ransomware 88

Ransomware Electronic Medical Records HIPAA Licensing 88