Lorien Health Services based in Ellicott City, MD, which manages 9 assisted living facilities throughout Maryland had encountered a ransomware attack on June 6, 2020.
Third-party cybersecurity specialists assisted with the investigation to ascertain whether the attackers accessed patient information. On June 10, 2020, the investigators confirmed that the hackers had accessed files with the names of residents, dates of birth, addresses, diagnoses, treatment details, and some workers’ Social Security numbers. Some of that data was stolen by the attackers.
The operators of Netwalker ransomware conducted the attack. Because Lorien Health Services did not pay the attackers’ ransom, a part of the stolen data was published on the internet.
Lorien Health reported the incident to the FBI who investigated the ransomware attack. The company also reported to the Department of Health and Human Services indicating that the protected health information (PHI) of 47,754 people was compromised. The affected individuals received offers of complimentary credit monitoring and identity theft protection services. The breach notification letters were sent out to all impacted people on June 16, 2020, just 10 days following the attack.
Security Breach at Accu Copy of Greenville Impacts 21,800 Patients
Accu Copy of Greenville, Incorporated in NC provides businesses with printing and billing statement mailing services. Unauthorized individuals acquired access to one of its servers and might have accessed the records that contain the PHI of patients of the healthcare provider Physicians East, which serves eastern North Carolina.
Accu Copy discovered the breach on April 10, 2020 and immediately worked on preventing any more unauthorized PHI access. The breach investigation results showed that the unauthorized individual began accessing the server on April 1, 2020. Accu Copy confirmed on May 15, 2020 that patient PHI might have been accessed. The review of the records on the server was finished on June 26, 2020.
The server was determined to have the billing statements for 21,800 patients. The statements linked to patient visits to a Physicians East office and contained names, addresses, diagnosis data, treatment details, the cost of treatment and provider name.
After the breach, all passwords were altered, and support was sought from a cybersecurity firm to help enhance security.
Improper PHI Access by Former Staff of Coalinga Valley Health Clinics
An old employee of Coalinga Valley Health Clinics, Inc. in Coalinga, CA is accused of removing records containing some patients’ PHI from its offices.
The Coalinga Police Department notified the healthcare provider about the supposed data theft on April 17, 2020. Coalinga Valley Health Clinics immediately terminated the employee’s access to medical records and started an investigation to find out the scope of unauthorized access. The Police Department was able to recover all documents taken from the office and gave them back to the health provider.
Coalinga Valley Health Clinics did not find any evidence that suggests the employee took the documents with the intention to misuse patient data. Nonetheless, the affected persons were instructed to stay alert to the probability of data misuse. The affected persons received a free one-year myTrueIdentity identity theft prevention service membership.
Coalinga Valley Health Clinics took the necessary steps to avert the occurrence of the same breaches later on. The employee is now terminated from work.