Ellicott City, MD-based Lorien Health Services, which runs 9 assisted living facilities in Maryland, has announced it was the victim of a ransomware attack on June 6, 2020.
Third party cybersecurity experts were retained to assist with the investigation and determine whether patient information had been accessed by the attackers. On June 10, 2020, it was confirmed that the attackers had accessed files containing residents’ names, addresses, dates of birth, diagnoses, treatment information, and Social Security numbers and some employee information. Some of that data was stolen in the attack.
The attack was conducted by the operators of Netwalker ransomware. When Lorien Health Services refused to pay the ransom, a sample of the stolen data was published online.
Lorien Health reported the breach to the FBI and the ransomware attack is being investigated. The breach report submitted to the Department of Health and Human Services indicates the compromised systems contained the protected health information of 47,754 individuals. Those individuals have been offered complimentary credit monitoring and identity theft protection services. Notification letters were sent to all impacted individuals on June 16, 2020, just 10 days after the attack.
Accu Copy of Greenville Security Breach Impacts 21,800 Patients
Accu Copy of Greenville, Incorporated, a NC-based company that provides printing and billing statement mailing services to businesses, has discovered unauthorized individuals gained access to one of its servers and may have accessed documents containing the protected health information of patients of Physicians East, a healthcare provider serving eastern North Carolina.
Accu Copy detected the breach on April 10, 2020 and promptly took steps to prevent any further unauthorized access. The investigation into the breach concluded the unauthorized individual first accessed the server on April 1, 2020. On May 15, 2020, Accu Copy confirmed patient data may have been accessed and a review of the files on the server was completed on June 26, 2020.
The server was discovered to contain billing statements for 21,800 patients. The statements related to a Physicians East office visit and contained names, addresses, diagnosis information, treatment information, provider name, and the cost of treatment.
Following the breach, all passwords were changed, and assistance was sought from a cybersecurity company to help improve security.
Coalinga Valley Health Clinics Discovers Improper PHI Access by Former Employee
A former employee of Coalinga Valley Health Clinics, Inc. is alleged to have removed documents from its offices that contained the protected health information of some of its patients.
The Coalinga, CA-based healthcare provider was notified about the alleged data theft by the Coalinga Police Department on April 17, 2020. The employee’s access to health records was immediately terminated and an investigation was launched to determine the extent of the unauthorized access. The Police Department recovered all documents that had been removed from the office and returned them to Coalinga Valley Health Clinics.
Coalinga Valley Health Clinics found no evidence to suggest the documents were taken by the employee in order to misuse patient data, but affected individuals have nonetheless been advised to be alert to the possibility data misuse and have been offered a complimentary 12-month membership to the myTrueIdentity identity theft prevention service.
Coalinga Valley Health Clinics has taken steps to prevent similar breaches in the future and the employee has been terminated.
Email Security Breach Reported by National Cardiovascular Partners
National Cardiovascular Partners, a division of Fresenius Medical Care North America, is alerting patients to a possible breach of their personal and protected health information.
On May 19, 2020, National Cardiovascular Partners discovered an unauthorized individual had gained access to the email account of an employee. The account was immediately secured and an investigation was launched. The investigation revealed the email account was breached on April 27, 2020. A review of the compromised account was completed on June 18, 2020 and confirmed the account contained patients’ protected health information.
National Cardiovascular Partners believes the attack was conducted with the aim of defrauding the company, rather than to obtain patient data. No evidence was found to suggest patient data was accessed or acquired by the attacker.
National Cardiovascular Partners has taken steps to improve email security and further email security training has been provided to its employees. Affected patients have been offered a 12-month complimentary membership to Experian’s IdentityWorks identity theft protection service.
The post 47,754 Individuals Impacted by Lorien Health Services Ransomware Attack appeared first on HIPAA Journal.