Seneca Family of Agencies, a California provider of mental health, education, juvenile justice, placement, and permanency services, identified unauthorized activity within its computer systems on August 27, 2021. Action was immediately taken to secure its systems and prevent further unauthorized access, with the subsequent investigation confirming its systems were compromised on August 25.
While no evidence of actual or attempted misuse of information has been identified, it is possible protected health information was compromised. The types of information stored on the affected systems differed from patient to patient and may have included the following data elements: name, date of birth, Social Security number, address, phone number, email address, medical record number, treatment/diagnosis information, health insurance information, Medicare/Medicaid number, provider name, prescription information, driver’s license/state identification number, and/or digital signature.
Seneca Family of Agencies said, as a precaution, affected individuals are being offered credit monitoring and identity protection services at no cost. Additional security measures have now been implemented to better protect information stored on its systems.
According to the breach report submitted to the HHS’ Office for Civil Rights, the protected health information of 2,470 individuals may have been compromised.
PHI of 3,000 Individuals Potentially Compromised in Las Vegas Cancer Center Ransomware Attack
Las Vegas Cancer Center has announced it was the victim of a ransomware attack over the Labor Day weekend. The cyberattack was discovered on September 7, 2021, when the center re-opened.
The attackers succeeded in encrypting data on its network and, prior to using ransomware, may have exfiltrated the protected health information of current and former patients including names, addresses, dates of birth, Social Security numbers, medical record numbers, and health insurance information.
Las Vegas Cancer Center said it had implemented multiple cybersecurity measures to prevent unauthorized access prior to the attack. While patient data may have been exfiltrated, it was stored in a proprietary format so is not believed to have been accessed by the attackers. The cancer center also said no evidence of data theft was found nor was any ransom demand.
The post Cyberattacks Reported by Las Vegas Cancer Center and Seneca Family of Agencies appeared first on HIPAA Journal.