(844) 627-8267 | Info@NationalCyberSecurity
(844) 627-8267 | Info@NationalCyberSecurity
0

Atlantic General Hospital Increases Ransomware Victim Count to Almost 140,000 Individuals | #ransomware | #cybercrime


In March 2023, Atlantic General Hospital notified the Maine Attorney General that it had fallen victim to a ransomware attack in which the protected health information of 30,704 individuals was exposed; however, the ransomware attack was far more extensive than was previously thought and the total has been upwardly revised to 136,981 individuals.

The attack was detected on January 29, 2023, and the forensic investigation confirmed hackers had access to its network between January 20 and January 29, 2023. The initial review of files that were potentially compromised in the breach was completed on March 6, 2023, and confirmed that names, medical record numbers, treating/referring physician names, health insurance information, subscriber numbers, medical history information, and diagnosis/treatment information may have been accessed or acquired. Notification letters were sent on March 24, 2023, and complimentary credit and identity monitoring services were offered to affected individuals.

The investigation into the attack continued, and additional files were discovered to have been compromised. The review of those files was completed on May 15, 2023, and after obtaining up-to-date contact information, additional notification letters were sent to affected individuals on June 22, 2023. The compromised information included names in combination with one or more of the following: Social Security number, date of birth, financial account information, medical/treatment information, and health insurance information. Those individuals have also been offered complimentary credit and identity monitoring services. Atlantic General Hospital says it is working on implementing additional safeguards to improve data security and has provided further training to its workforce.

Palomar Health Patients Impacted by PharMerica Ransomware Attack

Palomar Health in San Diego, CA, has recently confirmed that patient data was exposed in a ransomware attack on its business associate, PharMerica, a nationwide provider of pharmacy services. The ransomware attack was detected on or around March 14, 2023, and the forensic investigation confirmed that at least 5,815,591 individuals had been affected. The attack was conducted by the Money Message ransomware group, which added the stolen data to its leak site in late March. The attack has been covered in more detail here.

Get the FREE
HIPAA Compliance Checklist

Delivered via email so please ensure you enter your email address correctly.

Your Privacy Respected

HIPAA Journal Privacy Policy

Palomar Health has confirmed that the following data was potentially compromised in the attack: name, address, date of birth, Social Security number, medications, and health insurance information. Individuals affected received care at Palomar Continuing Care Center in Escondido or The Villas at Poway (Villa Pomerado) between 2001 and 2020. PharMerica is offering complimentary credit and identity theft monitoring services to the affected individuals and is issuing notification letters to patients directly. It is currently unclear how many Palomar Health patients have been affected.

Desert Physicians Management Cyberattack Affects Patients of its Healthcare Provider Clients

Desert Physicians Management in Apple Valley, CA, a provider of administrative support services to physicians’ groups, including Choice Physicians Network/Choice Medical Group, Choice Healthcare Associates, and Horizon Valley Medical Group, has recently announced that unauthorized individuals gained access to its computer systems and copied certain files from its network.

The security breach was detected on April 23, 2023, and the forensic investigation confirmed on or around May 18, 2023, that some of the files acquired by the attackers included protected health information provided by its healthcare provider clients. The compromised information was limited to names, addresses, dates of birth, health insurance information, and clinical information, including diagnosis, treatment information, and/or medication information. Desert Physicians Management said additional security measures have been implemented to help prevent similar incidents from occurring in the future.



Source link

National Cyber Security

FREE
VIEW