Lake Charles Memorial Well being System Cyberattack Impacts Virtually 270,000 Sufferers

Lake Charles Memorial Well being System Cyberattack Impacts Virtually 270,000 Sufferers

Health System

Southwest Louisiana Well being Care System, Inc. has confirmed that the protected well being info of as much as 269,752 sufferers of Lake Charles Memorial Well being System has been compromised. The Louisiana healthcare system mentioned suspicious exercise was detected by its safety workforce on October 21, 2022, and steps had been taken to include the exercise and examine a possible breach. On October 25, it was confirmed that an unauthorized third get together had gained entry to the community, with the forensic investigation confirming the assault began between October 20 and October 21, 2022, and concerned the theft of affected person knowledge from the community.

The assessment of the exfiltrated information decided they contained info comparable to names, addresses, dates of delivery, medical file numbers, affected person identification numbers, medical health insurance info, cost info, and restricted scientific info. Some Social Safety numbers had been additionally compromised. Notification letters had been despatched to affected people on December 23, 2022, and complimentary credit score monitoring and id theft safety companies have been supplied to people whose Social Safety numbers had been compromised.

Southwest Louisiana Well being Care System didn’t disclose the precise nature of the cyberattack, however the Hive ransomware gang claimed duty. Whereas Hive is thought for utilizing ransomware to encrypt information, the gang claims solely to have exfiltrated affected person knowledge. Recordsdata weren’t encrypted. A ransom demand was issued, cost of which was required to make sure the stolen knowledge was deleted. Cost doesn’t seem to have been made because the Hive gang began dumping the stolen knowledge final month.

FoundCare Electronic mail Account Breach Impacts 14,000 Sufferers

The Palm Springs, FL-based federally certified well being middle, FoundCare Inc., has introduced that unauthorized people have gained entry to its e-mail setting and doubtlessly seen or obtained emails and information that contained the protected well being info of 14,194 sufferers.

Lake Charles Memorial Well being System Cyberattack Impacts Virtually 270,000 Sufferers

Get The HIPAA
Compliance Guidelines

Free and Rapid Obtain

Delivered through e-mail so please make sure you enter your e-mail tackle appropriately.

Your Privateness Revered

HIPAA Journal Privateness Coverage

Suspicious exercise was detected inside its e-mail setting on September 2, 2022, and a third-party digital forensics agency was engaged to conduct an investigation. FoundCare mentioned it decided on October 18, 2022, that information within the e-mail account contained affected person knowledge. The assessment of these information and verification of affected person include info has not too long ago concluded and notification letters are actually being despatched to the affected people. Knowledge uncovered within the assault included names, addresses, e-mail addresses, bank card numbers, Social Safety numbers, delivery dates, passport numbers, different authorities ID numbers, medical situations, diagnoses, therapy info, medical health insurance info, and inner affected person identifiers. FoundCare mentioned the overwhelming majority of people solely had restricted medical info uncovered.

FoundCare has carried out further safety measures in response to the breach, together with turning on multifactor authentication for all customers, blocking fundamental authentication measures, including a warning to all emails from new e-mail addresses, and offering steady phishing consciousness coaching to all workers.

Ransomware Assault Impacts 6,800 Sufferers of Midwest Orthopaedic Consultants

Midwest Orthopaedic Consultants in Illinois has introduced that unauthorized people gained entry to its laptop community and used ransomware to encrypt information. The cyberattack was detected on September 29, 2022, and steps had been instantly taken to include the assault. A 3rd-party forensic safety agency was engaged to research the breach and decided that the attackers gained entry to the community on September 27, 2022, and exfiltrated sure paperwork earlier than encrypting information. Midwest Orthopaedic Consultants found on November 4 that the information contained affected person knowledge, with a complete assessment of these paperwork confirming on November 21, 2022, that individually identifiable well being info had been uncovered comparable to names, addresses, delivery dates, Social Safety numbers, driver’s license numbers, prognosis and therapy info, and medical health insurance info. Notification letters had been despatched to affected people on December 22, 2022. Midwest Orthopaedic Consultants mentioned the encrypted information had been recovered from backups.

Complimentary id theft safety companies have been supplied to people whose Social Safety numbers or driver’s license numbers had been compromised and extra technical measures have been carried out to forestall comparable incidents sooner or later. The breach has been reported to the HHS’ Workplace for Civil Rights as affecting 6,818 sufferers.

MultiCare Well being System Affected by ransomware Assault on Mailing Vendor

MultiCare Well being System in Washington has not too long ago confirmed that the protected well being info of greater than 23,000 sufferers has doubtlessly been compromised in a knowledge breach at its mailing vendor, Kaye-Smith. Kaye-Smith detected suspicious exercise inside its digital setting in June 2022. The forensic investigation revealed hackers had gained entry to its methods and used ransomware to encrypt information discretely since Might 2022. MultiCare Well being System was considered one of a number of well being methods to be affected by the incident.

MultiCare Well being System mentioned the attackers might have accessed or acquired information that contained sufferers’ names, addresses, and Social Safety numbers. Kaye-Smith mentioned it has enhanced safety and monitoring in response to the incident.

Collections Vendor Knowledge Breach Impacts Prairie Lakes Healthcare Sufferers

Watertown, SD-based Prairie Lakes Healthcare System, which serves sufferers in South Dakota and Western Minnesota, has not too long ago introduced that the protected well being info of 1,059 sufferers has been uncovered in a knowledge breach at considered one of its enterprise associates. Prairie Lakes Healthcare makes use of AAA Collections, Inc. which does enterprise as Superior Asset Alliance (AAA), to gather unpaid medical payments.

Between September 5, 2022, and September 7, 2022, hackers gained entry to AAA’s methods and doubtlessly obtained information containing the protected well being info of sufferers of Prairie Lakes Healthcare and former Glacial Lakes Orthopaedics sufferers. An evaluation of the information confirmed they contained info comparable to names, addresses, dates of delivery, medical file numbers, supplier/facility names, situations, diagnoses, therapy info, cost info, and dates of service. Notifications had been mailed by AAA to affected people on December 15, 2022. Prairie Lakes Healthcare mentioned it’s working with its vendor to forestall comparable occasions from occurring sooner or later.