Third-party administrator hack leads to theft of patient data for over 251K

A third-party administrator based in Austin, Texas began notifying more than 250,000 patients that their data had been stolen. (U.S. Air Force)

Bay Bridge Administrators, a third-party administrator of insurance products based in Austin, Texas, recently began notifying more than 251,000 patients that their data had been stolen following a network hack in September 2022. rice field.

The “network chaos” was first detected on September 5th, when the BAA secured its network and engaged an outside cybersecurity firm to investigate. According to forensics, the attacker gained access more than a week before he was discovered, allowing him to exfiltrate “certain data” from the network on Sept. 3.

The BBA appears to account for significant delays in notifying patients of the “exhaustive investigation” that ended on December 5. Under the Health Insurance Portability and Accountability Act, covered entities have 60 days without undue delay to notify patients of a potential data breach.

The notice uses language to suggest that the breach was not discovered until months after the initial hack and data theft. The Department of Health and Human Services has issued a warning against this type of notification and requires healthcare providers to notify patients of the potential invasion of privacy.

For BBA-linked patients, the compromised data was linked to “individuals enrolled in managed employment insurance benefits” by business associates in 2022.

The stolen data varies from individual to individual and may include social security numbers, contact details, driver’s license or state identification numbers, medical data, health insurance information, and/or date of birth.

Behavioral Health Providers Report September Hacks and Data Exfiltration

In a similar notice to the BBA, Florida’s Circles of Care has begun notifying 61,170 patients that their data was stolen after a network hack was detected on September 21, 2022.

An investigation developed with the assistance of a third-party independent cybersecurity team found that the attackers first accessed the network on September 6 and used that access to obtain specific information. Did. The investigation he closed on November 29, 2022.

The stolen data included patient names, dates of birth, SSNs, contact information, driver’s license numbers, bank account and routing numbers, medical account numbers, provider names, dates of service, diagnoses, and procedure codes. may be included.

Circles of Care is currently working to strengthen existing cybersecurity safeguards and strengthen employee cybersecurity training and relapse prevention policies.

Ransomware Attack Against Home Care Providers of Texas Affects 124K

The data of 124,363 Home Care Providers of Texas patients was encrypted and may have been exposed after a 2022 ransomware attack.

HCPT learned on June 29 that “part of its network environment was affected by a cyberattack that caused the encryption of certain files stored on the network.” It is unknown if the attack was launched before that date. According to the notice, “In addition to file encryption, an unauthorized third party has removed a limited number of files from the system.”

After the discovery, the team notified law enforcement and launched an investigation. An “extensive forensic investigation and comprehensive review” of the affected data, he concluded on November 15th.

In any event, our investigations confirmed that the attackers actually accessed personal and health information for two weeks in June. Data may include patient name, SSN, date of birth, contact information, treatment, diagnosis, and certain prescription data.

Captify Health reports 3-year hack of patient credit card data

The credit card information of 244,296 patients using Captify Health’s Your Patient Advisor could have been accessed and misused over a three-year period after the attackers installed malicious code on the payment portal. Patient Advisor is an online retailer of colonoscopy prep kits.

The malicious code was discovered after Your Patient Advisor was contacted in March 2021 “regarding possible consumer credit card fraud” in its payment card environment. The news prompted an internal investigation with the help of an outside forensics firm.

The team discovered that malicious code was first injected into the payment platform in May 2019, leading to data exfiltration that lasted until April 20, 2022. Some 18 months later, an analysis concluded on October 13, 2022, may have exposed some information during the lengthy hack.

Data may include name, address, date of birth, payment card number, expiration date and security code. Only payment card data was affected.

Patient advisors have since implemented additional measures to protect the online ordering platform and have taken “steps to ensure the platform is safe and secure for all purchases.” While not a reportable HIPAA violation, it is a reminder that providers review all connected applications used by their patients to ensure data privacy and security.

Mindpath Health reports email hack from early 2022

We don’t know how many have ties to Mindpath Health in California when two of their employee email accounts were hacked in early 2022, but we learned that their data may have been accessed by the attackers. I was.

Mindpath first discovered suspicious activity during routine audits of their email environment, prompting their providers to secure their platforms. A third-party forensics firm assisted in auditing the account and found that the account was accessed twice, in March 2022 and his June 2022.

The investigation will end on November 15, 2022, which may explain the delay in notifying patients. As SC Media previously reported, email hacks often result in delayed patient notification due to the enormous amount of time and effort required for forensics.

For MindPath, the compromised data varies by patient and may include names, SSNs, contact information, date of birth, diagnoses, treatments, health insurance information, and prescriptions.

Elizabeth Hospice reports insider misconduct involving 35,496 patients

California-based The Elizabeth Hospice (TEH) recently told 35,496 current and former patients that their data was compromised after their employees forwarded emails from their employee accounts to their personal email accounts. was notified.

On October 21, TEH discovered that the employee was forwarding business emails to a personal account while on duty at the hospice. The employee no longer belongs to TEH. This discovery prompted an internal review of the employee’s work account and determined that patient information may have been exposed as a result of employee misconduct.

The compromised data included patient names, patient account numbers, admission and discharge dates, and basic health information. It does not contain SSNs, financial account information, or bank card information.

Rose Hospital Reports Cyberattack, Patient Data Exfiltration

Hayward Sisters Hospital d/b/a St. Rose Hospital recently sent a follow-up notice to several patients explaining that patient personal information may have been compromised in the November 29, 2022 cyberattack. bottom.

When the suspicious activity was discovered, an investigation was launched with the help of third-party computer forensics experts. They found that the hacker accessed his systems on multiple computers on the network and “obtained certain files from those systems around November 18, 2022.”

The St. Rose Hospital has since identified the affected files and finished reviewing the data. The results confirmed that the stolen data may include the patient’s name, SSN, date of birth, email her address, and home address. Investigation is ongoing.

The hospital then implemented additional security measures to prevent a recurrence and contacted federal law enforcement.

Source link

Leave a Reply

Your email address will not be published. Required fields are marked *