Healthcare Data Breach Report for June 2024
In June 2024, 47 data breaches involving 500 and up healthcare records were reported to the HHS’ Office for Civil Rights (OCR). This is the lowest number of breaches from October 2023 to date. Data […]
In June 2024, 47 data breaches involving 500 and up healthcare records were reported to the HHS’ Office for Civil Rights (OCR). This is the lowest number of breaches from October 2023 to date. Data […]
The debt collection company Financial Business and Consumer Solutions (FBCS) recently informed the Maine Attorney General that a February 2024 breach that was earlier reported as impacting 1,955,385 persons has more than doubled the number […]
The prosthetics and orthotics firm based in Jackson, TN known as Human Technology Inc., and its associates Murphy’s Orthopedic & Footcare, Greer Orthotics & Prosthetics, and Hi-Tech Prosthetics & Orthotics were impacted by a data […]
Pennsylvania revised its data breach notification regulation, limiting the meaning of personal information, including the need to alert the state Attorney General, and the provision of credit monitoring services to victims of data breaches victims […]
The U.S. Department of Labor’s Occupational Safety and Health Administration (OSHA) has recommended the first federal workplace heat standard to safeguard millions of people in America from the health threats connected with exposure to intense […]
The number of reported healthcare data breaches dropped to its lowest for the second month since October 2023. May had 51 data breaches with 500 and up breached healthcare records reported to OCR. This number […]
SecurityScorecard gave the U.S. healthcare industry a B+ rating for cybersecurity during the first 6 months of 2024. This indicates that the industry is doing better in spite of the reported major breaches, including the […]
Medication benefits management service provider A&A Services, also known as Sav-Rx, is facing a class action lawsuit because of a data breach that occurred in October 2023 affecting 2.8 million people. On or about October […]
In 2022, a hacker accessed Medibank’s system, stole the personal and health data of 9.7 million people, and exposed the stolen files on the dark web. This Australian health insurance company has confirmed the ransomware […]
Adventist Health has just reported that an unauthorized individual accessed the protected health information (PHI) of over 70,000 patients of Adventist Health Tulare in California. The security incident happened at its business associate, Signature Performance, […]
The Health Sector Cyber Initiative of the Biden administration has partnered with Microsoft and Google to give critical access and rural hospitals free and discounted cybersecurity services. In 2023, the healthcare industry experienced more ransomware […]
In July 2023, the LockBit ransomware group listed Panorama Eyecare on its data leak website and noted to have stolen 798 GB of files from the doctor-led management services provider based in Fort Collins, CO. […]
The Los Angeles County Department of Mental Health suffered a phishing attack that allowed unauthorized access to the email account of an employee resulting in the compromise of protected health information (PHI) for 1,598 individuals. […]
The Cybersecurity and Infrastructure Security Agency (CISA) included a critical vulnerability identified in the NextGen Healthcare Mirth Connect remote code execution to its Known Exploited Vulnerability (KEV) Catalog. Mirth Connect is a free software integration […]
The Department of Health and Human Services (HHS) Health Sector Cybersecurity Coordination Center (HC3) issued an alert warning the healthcare and public health (HPH) sector against business email compromise (BEC) attacks. This kind of spear […]
Healthcare data breaches dropped by 43% month-over-month. There were 54 data breaches involving 500 and up records reported to the HHS’ Office for Civil Rights. The reported number of breaches this April is the lowest […]
PHI Compromised in Redwood Coast Regional Center Cyberattack Social services organization Redwood Coast Regional Center based in Ukiah, CA offers services and assistance to children and adults who have developmental handicaps. It recently submitted a […]
Federal Judge Dismisses CommonSpirit Health Data Breach Lawsuit Due to Not Enough Standing A federal court judge decided to dismiss a class action lawsuit versus CommonSpririt Health regarding its 2022 data breach because of the […]
March had 93 healthcare data breach reports involving 500 or more records submitted to the Department of Health and Human Services (HHS) Office for Civil Rights (OCR). The number of breaches increased by 50% from […]
OctaPharma Plasma Donation Centers Closed While Investigating Ransomware Attack The Swiss pharmaceutical provider, Octapharma Plasma, experienced a cyberattack that impacted the systems at 190 plasma donation centers located in 35 U.S. states. Those donation centers […]
MedData Pays $7 Million to Resolve Class Action Data Breach Lawsuit Revenue cycle management company MedData based in Spring, TX consented to pay $7 million to resolve a class action lawsuit associated with the breach […]
Seattle Children’s Hospital Website Tracking Technology Lawsuit Dismissed with Prejudice A Washington court dismissed with prejudice the class action lawsuit filed against Seattle Children’s Hospital (SCH) concerning its usage of pixels and other tracking technologies […]
The number of healthcare data breaches reported to the Department of Health and Human Services’ Office for Civil Rights (OCR) in February dropped with 59 data breaches involving 500 and up records reported. The breaches […]
Senator Mark R. Warner (D-VA) presented new legislation that will approve advance and faster payments to healthcare companies in case of a cyberattack. The new legislation was prompted by the ransomware attack on Change Healthcare, […]
The Department of Health and Human Services’ Office for Civil Rights (OCR) has released updates on the guidance for entities covered by the Health Insurance Portability and Accountability Act (HIPAA) about online tracking technologies. The […]
NSA Releases Guidance on Implementing Zero Trust to Restrict Lateral Movement The National Security Agency (NSA) has released guidance on implementing zero trust security to restrict lateral movement inside a network when a threat actor […]
The Department of Health and Human Services (HHS) has reported the Blackcat ransomware attack on UnitedHealth Group-managed Change Healthcare in February 2024. The attack affected over 100 of Change Healthcare’s systems, which subsequently impacted the […]
Feds Alerts Healthcare Industry Concerning ALPHV/Blackcat Ransomware Group A joint cybersecurity notification was given by the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Health and Human […]
Ransomware Attack on Maryland Psychotherapy Provider Ended in HIPAA Penalty The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) resolved the supposed Health Insurance Portability and Accountability Act (HIPAA) violations with […]
January had 61 data breach reports involving 500 and up records submitted to the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR), a 22% month-over-month decrease in reported data breaches. […]
California AG Accepts $5 Million Settlement with Quest Diagnostics Concerning Improper Disposal of Waste and Patient Information California Attorney General Rob Bonta has reported that a $5 million settlement with Quest Diagnostics has been approved […]
U.S. Fertility Offers to Pay $5.75 Million Settlement of Class Action Data Breach Lawsuit U.S. Fertility LLC, which operates over 100 fertility clinics throughout the U.S., has offered to pay $5.75 million to resolve a […]
Lincare Holdings Offers $7.25 Million Settlement of Data Breach Lawsuit Regarding the Lincare Holdings Inc. Data Breach Litigation, Lincare Holdings proposed a $7.25 million settlement to resolve the class action lawsuit filed over a data […]
Netherlands COVID-19 Testing Laboratory Database Exposed A medical lab based in the Netherlands that was used as a COVID-19 testing center has left a database compromised online that included the sensitive information of about 1.3 […]
December had the second-highest number of data breach reports for 2023. The Department of Health and Human Services (HHS) Office for Civil Rights had 74 healthcare data breach reports involving 500 and up records in […]
Singing River Health System has reported the compromise of the PHI of 253,000 patients due to a ransomware attack in August 2023. Data breach reports from Fincantieri Marine Group, Highlands Oncology Group, Family Healthcare, and […]
Class action lawsuits had been filed against ESO Solutions because of a recently announced cyberattack and data breach that impacted just about 2.7 million people. The data breach affected sensitive data like names, contact details, […]
November’s reported breaches involving 500 and up healthcare records increased by 45% with 61 big data breaches reported to the Department of Health and Human Services (HHS) Office for Civil Rights (OCR). For the 2023 […]
Liberty Hospital based in Kansas City is dealing with a cyberattack that has upset its IT systems. The cyberattack was discovered on December 19, 2023, and it was decided to reroute ambulances to other hospitals […]
Proliance Surgeons Faces Lawsuit Over Ransomware Attack and Data Breach Surgery group Proliance Surgeons based in Seattle, Washington is facing a class action lawsuit due to a recently reported ransomware attack and data breach that […]
CarePointe ENT Resolves HIPAA Lawsuit with Indiana Attorney General At the end of September 2023, Indiana Attorney General Todd Rokita submitted a lawsuit against CarePointe ENT involving a ransomware attack that resulted in a data […]
Longhorn Imaging Center Data Breach South Austin Health Imaging LLC, dba Longhorn Imaging Center based in Austin, TX, has just reported a case of hacking to the HHS’ Office for Civil Rights indicating that 100,643 […]
October saw a drop in the number of reported data breaches involving 500 or more healthcare records. Only 40 data breaches were reported by HIPAA-regulated entities in October, making the 12-month average of 54 breaches […]
About 9 million patients were impacted by a cyberattack on Perry Johnson & Associates. This transcription service provider’s data breach is the second-biggest healthcare data breach this 2023 and it is the 6th biggest healthcare […]
Doctors’ Management Services to Pay OCR $100,000 to Settle HIPAA Probe The HHS’ Office for Civil Rights (OCR) has agreed to accept $100,000 from Doctors’ Management Services to settle a ransomware attack and data breach […]
Brooklyn Premier Orthopedics (BPO) based in New York has reported the potential access and theft of the protected health information (PHI) of 48,459 patients in a recent cyberattack. As per BPO’s breach notice dated October […]
Healthcare data privacy improved in September with the least reported healthcare data breaches since February 2023. There were 48 data breaches involving 500 and up records reported to the HHS’ Office for Civil Rights (OCR) […]
The Medicare and Medicaid plan provider, CareSource, based in Dayton, OH is facing multiple class action lawsuits associated with a cyberattack that resulted in a data breach. The Clop ransomware group took advantage of a […]
Healthcare data breaches in August increased by 21.4% month-over-month. There were 68 data breaches involving 500 or more records that were reported to the HHS’ Office for Civil Rights. August is now the second-worst month […]
284K Oak Valley Hospital District Patients Affected By Cyberattack Oak Valley Hospital District in Oakdale, CA, has recently informed 283,629 patients concerning the exposure of their sensitive information due to a cybersecurity incident. The hospital […]
TikTok’s $368 Million Penalty for Child Privacy Violations The Irish Data Protection Commission (DPC) has reported that it finally made a decision regarding its inquiry into TikTok. It imposed a financial penalty of €345 million […]
Two Class Action Lawsuits Filed Against CentroMed Over 350,000-Record Data Breach El Centro Del Barrio, doing business as CentroMed in San Antonio, TX, is dealing with two class action lawsuits because of a cyberattack in […]
Fashion merchant Forever 21 has informed the Maine Attorney General about a data breach wherein the health plan information of 539,207 present and past employees was compromised. Forever 21 sent breach notification letters to all […]
Potential HIPAA Right of Access Violation Resolved for $80,000 The UnitedHealthcare Insurance Company (UHIC) agreed to pay $80,000 to resolve an alleged inability to give prompt access to Protected Health Information (PHI). The voluntary settlement […]
Reported data breaches in July dropped by 15.2% with 56 breaches involving 500 and up records reported to the HHS OCR making July just an average month in terms of data breaches. In the last […]
1.2 Million Record Data Breach Results in Tampa General Hospital Lawsuit Tampa General Hospital (TGH) is getting sued for a data breach wherein hackers acquired access to the sensitive information of about 1.2 million individuals. […]
As per the Department of Health and Human Services Office for Civil Rights (OCR) breach website, there is a 12% month-over-month decrease in the number of healthcare data breaches involving 500 and up records. HIPAA-covered […]
Good Samaritan Hospital Resolves Class Action Data Breach Lawsuit Good Samaritan Hospital located in San Jose, CA, has decided to resolve a class action lawsuit that was submitted because of a data breach that compromised […]
May 2023 was notably bad with regard to healthcare data breaches. There were 75 data breaches involving 500 and up healthcare records reported to the HHS’ Office for Civil Rights (OCR). Month-over-month, May’s reported data […]
TimisoaraHackerTeam Ransomware Group Connected to New Attack on U.S. Cancer Center There is an alert concerning a somewhat unknown threat group referred to as TimisoaraHackerTeam after a new attack on a U.S. healthcare center. TimisoaraHackerTeam […]
Patient Information Potentially Lost Because of Mercy Medical Center – Clinton Cyberattack Mercy Medical Center – Clinton has advised 20,865 patients concerning a security incident that impacted its system. It discovered the security breach on […]
New StopRansomware Guide Published by CISA & Partners The StopRansomware Guide has an updated version published including additional recommendations about things to do to minimize the threat of ransomware attacks. This guide is a one-stop […]
Theft of Harvard Pilgrim Health Care Member Data During Ransomware Attack Point32Health, the second-biggest health insurance company in Massachusetts, reported in April 2023 that it encountered a ransomware attack that triggered system breakdowns, which include […]
The number of reported healthcare data breaches dropped by 17.5% as 52 cases involving 500 or more data files were reported to the HHS’ Office for Civil Rights (OCR). This number is below the 12-month […]
OCR Issues $350,000 Penalty to Arkansas Business Associate for Impermissible ePHI Disclosure The HHS’ Office for Civil Rights (OCR) has reached a settlement with regards to the Arkansas business associate HIPAA investigation involving the impermissible […]
Pittsburgh Counselor Pays $15,000 Penalty for HIPAA Right of Access Violation The HHS’ Office for Civil Rights reported its 44th enforcement action associated with the HIPAA Right of Access initiative. David Mente, MA, LPC, a […]
Mailing Error at CMS Vendor Impacts 10,000 Medicare Beneficiaries The Centers for Medicare & Medicaid Services (CMS) has began informing a number of Medicaid beneficiaries regarding an impermissible disclosure of their protected health information (PHI) […]
Monthly data breach reports include data breaches involving 500 and up records that were reported each month to the Department of Health and Human Services’ Office for Civil Rights (OCR). The monthly reports show the […]
109K-Record Data Breach at Online Alcohol Counseling Service Provider Alcohol addiction and treatment service provider Monument Inc. based in New York recently informed about 109,000 persons regarding an impermissible disclosure of their personal data and […]
In the last 12 months, there is an increase in ransomware and phishing attacks on companies. Costs related to such attacks also increased. According to IBM Security, in 2022, the data breach average cost is […]
Lawsuits Increase Against DC Health Link Because of Congress Members’ Data Breach Online medical insurance marketplace, DC Health Link, is facing no less than two class action lawsuits over a hacking incident that affected 56,415 […]
Over the past three months, the number of healthcare data breach reports has remained somewhat the same. February just had a little increase in breaches with 43 data breaches involving at least 500 records reported […]
3,100 Patients Records Impermissibly Viewed by Beacon Health System Employee Beacon Health System (BHS) based in South Bend, IN reported that an employee accessed the health records of 3,117 patients without valid work reason. BHS […]
HHS Restructuring Needed to Increase Efficiency of HIPAA Enforcement The U.S. Department of Health and Human Services (HHS) has restructured its Office for Civil Rights (OCR) and has established new divisions that are going to […]
January is often a quiet month for healthcare data breaches and January 2023 was no different. There were 40 data breaches involving 500 and up records reported to the HHS’ Office for Civil Rights. The […]
Digital marketing agency, Rise Interactive Media & Analytics, LLC, based in Illinois recently reported that attackers acquired access to its digital platform on November 14, 2022, and possibly viewed or extracted the information of a […]
The Federal Trade Commission (FTC) recently reported the first-ever financial penalty for an FTC Health Breach Notification Rule violation. Allegedly, GoodRx failed to send notification letters to its clients who had their PHI shared with […]
At the end of January, the U.S. Department of Labor Occupational Safety and Health Administration (OSHA) issued new enforcement guidance that lets the agency take a more aggressive position on critical violations of the Occupational […]
San Andreas Regional Center Offers to Settle 2021 Ransomware Attack Lawsuit San Andreas Regional Center has decided to resolve a class action lawsuit associated with a July 2021 ransomware attack whereby hackers acquired access to […]
Blackberry has lately released its Global Threat Intelligence Report, which gives useful and contextualized intelligence that may be employed to enhance cyber strength. The report used information gathered by Blackberry and threat intelligence furnished by […]
CommonSpirit Health is facing one more lawsuit because of a ransomware attack and data security breach in 2022 that states the nation’s biggest catholic health system did not use acceptable and proper safety measures to […]
BayCare Clinic Reported Data Breach Related to Pixel The healthcare provider BayCare Clinic, LLP based in Wisconsin lately reported that the protected health information (PHI) of around 134,000 patients was impermissibly disclosed to unauthorized third […]
Using AI in healthcare has a lot of advantages, such as the acceleration of drug creation and the analysis of medical images. However, the same AI systems that help healthcare can likewise be employed for […]
Mayo Clinic has resolved one more lawsuit that resulted from a data breach that involve a previous employee, who was found to have viewed the data of patients with no permission, which includes nude pictures. […]
Although it is hard to get exact information on the number of ransomware attacks being done on healthcare companies, the available information indicates a drop in attacks throughout all industries when compared to the number […]
There are fewer reported healthcare data breaches for two consecutive months. December 2022 had 40 data breaches involving 500 and up healthcare records, which is the lowest monthly number in 2022. The reported healthcare data […]
Healthcare ransomware attacks have increased twofold in the past 5 years, file recovery from backups has dropped, and it is now usual for information to be stolen and released to the public right after a […]
Several lawsuits were filed against Shields Health Care Group in Massachusetts in relation to one of the biggest healthcare data breaches in 2022, where nearly 2 million people were affected. The lawsuits were combined into […]
The health system CommonSpirit Health based in Chicago, IL is dealing with a class action lawsuit due to a ransomware attack in October 2022. Malicious actors accessed its IT network on September 16, 2022, and […]
The practices of acquiring permission from users of Facebook and Instagram to utilize their personal information for marketing purposes have been subject to a lengthy investigation. Finally, Meta has been penalized €390 million or $414 […]
Heartland Alliance located in Chicago, IL, a social justice and human rights organization, announced on December 15, 2022, that it experienced a cyberattack. The organization discovered the security breach on January 26, 2022, and took […]
In June 2022, it was reported that Fitzgibbon Hospital based in Marshall, MO suffered a ransomware attack, which the DAIXIN Team threat group claimed responsibility for. According to the group’s spokesperson, the hospital’s systems were […]
Many ransomware attacks are still carried out on healthcare companies, however, finding out the magnitude to which healthcare providers are being attacked by ransomware groups is a difficult task. Ransomware attack victims do not usually […]
Fertility Centers of Illinois has offered to pay $450,000 to settle a lawsuit submitted on behalf of patients and staff members who were impacted by its data breach in February 2021. On February 1, 2021, […]
November had 31% fewer healthcare data breaches reported compared to October 2022. November had a total of 49 breaches involving 500 and up records, which is below the 58 breaches per month 12-month average. In […]
Plaintiffs in a consolidated class action lawsuit against Meta lately sought an injunction versus Meta to make the company discontinue accumulating and transmitting information gathered from the sites of healthcare companies via Meta Pixel tracking […]
Midwest Orthopaedic Consultants based in Illinois has reported that unauthorized persons accessed its computer system and encrypted files using ransomware. The healthcare provider detected the cyberattack on September 29, 2022, and took steps right away […]
Morley Companies has decided to resolve a class action lawsuit sent in on behalf of persons impacted by a big data breach that happened on or about August 1, 2022. Funding of $4.3 million was […]
Avem Health Partners based in Oklahoma City provides healthcare companies with administrative and technology services. It recently began informing its healthcare clients regarding a data breach that happened at 365 Data Centers, its vendor. 365 […]
An ex-nurse working at the Roswell Park Comprehensive Cancer Center based in Buffalo, NY was sentenced to serve 37 months in jail for tinkering with and stealing controlled prescription drugs meant for patients with cancer. […]
© Copyright 2003 to 2024 calHIPAA