Southwest Louisiana Health Care System, Inc. has confirmed that the protected health information of up to 269,752 patients of Lake Charles Memorial Health System has been compromised. The Louisiana healthcare system said suspicious activity was detected by its security team on October 21, 2022, and steps were taken to contain the activity and investigate a potential breach. On October 25, it was confirmed that an unauthorized third party had gained access to the network, with the forensic investigation confirming the attack started between October 20 and October 21, 2022, and involved the theft of patient data from the network.
The review of the exfiltrated files determined they contained information such as names, addresses, dates of birth, medical record numbers, patient identification numbers, health insurance information, payment information, and limited clinical information. Some Social Security numbers were also compromised. Notification letters were sent to affected individuals on December 23, 2022, and complimentary credit monitoring and identity theft protection services have been offered to individuals whose Social Security numbers were compromised.
Southwest Louisiana Health Care System did not disclose the exact nature of the cyberattack, but the Hive ransomware gang claimed responsibility. While Hive is known for using ransomware to encrypt files, the gang claims only to have exfiltrated patient data. Files were not encrypted. A ransom demand was issued, payment of which was required to ensure the stolen data was deleted. Payment does not appear to have been made as the Hive gang started dumping the stolen data last month.
FoundCare Email Account Breach Affects 14,000 Patients
The Palm Springs, FL-based federally qualified health center, FoundCare Inc., has announced that unauthorized individuals have gained access to its email environment and potentially viewed or obtained emails and files that contained the protected health information of 14,194 patients.
Suspicious activity was detected within its email environment on September 2, 2022, and a third-party digital forensics firm was engaged to conduct an investigation. FoundCare said it determined on October 18, 2022, that files in the email account contained patient data. The review of those files and verification of patient contain information has recently concluded and notification letters are now being sent to the affected individuals. Data exposed in the attack included names, addresses, email addresses, credit card numbers, Social Security numbers, birth dates, passport numbers, other government ID numbers, medical conditions, diagnoses, treatment information, health insurance information, and internal patient identifiers. FoundCare said the vast majority of individuals only had limited medical information exposed.
FoundCare has implemented additional security measures in response to the breach, including turning on multifactor authentication for all users, blocking basic authentication measures, adding a warning to all emails from new email addresses, and providing continuous phishing awareness training to all employees.
Ransomware Attack Affects 6,800 Patients of Midwest Orthopaedic Consultants
Midwest Orthopaedic Consultants in Illinois has announced that unauthorized individuals gained access to its computer network and used ransomware to encrypt files. The cyberattack was detected on September 29, 2022, and steps were immediately taken to contain the attack. A third-party forensic security firm was engaged to investigate the breach and determined that the attackers gained access to the network on September 27, 2022, and exfiltrated certain documents before encrypting files. Midwest Orthopaedic Consultants discovered on November 4 that the files contained patient data, with a comprehensive review of those documents confirming on November 21, 2022, that individually identifiable health information had been exposed such as names, addresses, birth dates, Social Security numbers, driver’s license numbers, diagnosis and treatment information, and health insurance information. Notification letters were sent to affected individuals on December 22, 2022. Midwest Orthopaedic Consultants said the encrypted files were recovered from backups.
Complimentary identity theft protection services have been offered to individuals whose Social Security numbers or driver’s license numbers were compromised and additional technical measures have been implemented to prevent similar incidents in the future. The breach has been reported to the HHS’ Office for Civil Rights as affecting 6,818 patients.
MultiCare Health System Affected by ransomware Attack on Mailing Vendor
MultiCare Health System in Washington has recently confirmed that the protected health information of more than 23,000 patients has potentially been compromised in a data breach at its mailing vendor, Kaye-Smith. Kaye-Smith detected suspicious activity within its digital environment in June 2022. The forensic investigation revealed hackers had gained access to its systems and used ransomware to encrypt files discretely since May 2022. MultiCare Health System was one of several health systems to be affected by the incident.
MultiCare Health System said the attackers may have accessed or acquired files that contained patients’ names, addresses, and Social Security numbers. Kaye-Smith said it has enhanced security and monitoring in response to the incident.
Collections Vendor Data Breach Affects Prairie Lakes Healthcare Patients
Watertown, SD-based Prairie Lakes Healthcare System, which serves patients in South Dakota and Western Minnesota, has recently announced that the protected health information of 1,059 patients has been exposed in a data breach at one of its business associates. Prairie Lakes Healthcare uses AAA Collections, Inc. which does business as Advanced Asset Alliance (AAA), to collect unpaid medical bills.
Between September 5, 2022, and September 7, 2022, hackers gained access to AAA’s systems and potentially obtained files containing the protected health information of patients of Prairie Lakes Healthcare and former Glacial Lakes Orthopaedics patients. An analysis of the files confirmed they contained information such as names, addresses, dates of birth, medical record numbers, provider/facility names, conditions, diagnoses, treatment information, payment information, and dates of service. Notifications were mailed by AAA to affected individuals on December 15, 2022. Prairie Lakes Healthcare said it is working with its vendor to prevent similar events from occurring in the future.
The post Lake Charles Memorial Health System Cyberattack Affects Almost 270,000 Patients appeared first on HIPAA Journal.