Cross Timbers Health Clinics located in Brownwood, Texas, doing business with the brand AccelHealth, encountered a ransomware attack last December 15, 2021, which kept the Federally Qualified Health Center from obtaining access to a number of files and folders on its system. AccelHealth employed third-party forensics experts to look into the security breach who confirmed that unauthorized persons initially obtained access to its network on December 9, 2021.
For the 6 days when the attackers had access to the system, they might have seen or obtained files comprising patient details. A complete assessment of all files on the exposed parts of the network showed they held the protected health information (PHI) of 48,126 patients, which include names, addresses, dates of birth, driver’s license numbers, financial account data, Social Security numbers, medical insurance data, treatment, and diagnosis details and medical record numbers.
There was no proof identified of data exfiltration and, when sending notification letters, no report was acquired that indicate attempted or actual improper use of patient information. AccellHealth mentioned more technical security steps are being enforced to avert more cyberattacks and affected people were provided free credit monitoring services.
Pace Center for Girls Reports 11-Month System Breach
Pace Center for Girls based in Jacksonville, FL offers a 6-12 education program for at-risk teen girls. It has been learned that unauthorized individuals accessed selected infrastructure systems and possibly viewed or obtained the sensitive files of present and past students.
The data breach was noticed in the week including December 13, 2021, and the succeeding investigation affirmed last January 2021 that unauthorized persons got access to sections of its IT system that comprised sensitive data. The breached records included students’ complete names, telephone numbers, addresses, birth dates, Florida Department of Juvenile Justice ID numbers, enrollment details, parent/guardian names, and behavioral health data.
Pace Center for Girls explained a third-party cybersecurity company was retained to help protect its system and physical computer access and examine its data safety and gateway security systems. Supplemental security procedures will be carried out, as needed, to better secure against unauthorized access. Impacted persons were instructed to put fraud notifications with Equifax, Transunion, and Experian to determine any bogus use of their personal details. The breach report was sent to the HHS’ Office for Civil Rights indicating that around 18,300 people were impacted.