Singing River Health System has reported the compromise of the PHI of 253,000 patients due to a ransomware attack in August 2023. Data breach reports from Fincantieri Marine Group, Highlands Oncology Group, Family Healthcare, and Senior Scripts were also submitted.
253,000 Singing River Health System Patients Affected by Ransomware Attack
Singing River Health System based in Mississippi encountered a ransomware attack last August 2023 that made its IT systems, including its electronic medical record system, inaccessible for several days. With no access to patient information and important IT systems, healthcare operations were interrupted, though the healthcare provider still offered care to patients. The Rhysida ransomware group professed to be responsible for the cyberattack.
The health system detected the attack on August 19, 2023. The forensic investigation revealed that unauthorized network access began on August 16 until August 18, 2023. In the first announcement regarding the attack, it was uncertain whether patient information was affected. As of the deadline for breach reporting to the HHS’ Office for Civil Rights, the number of patients affected was still uncertain, so the breach report had an interim number of 501 persons.
It was on September 13, 2023 that Singing River Health System reported the confirmed theft of data from its systems. There was an update on October 18, 2023 but no confirmation on the extent of the breach was given. On December 18, 2023, Singing River Health System stated that the attack compromised the PHI of 252,890 patients. The breached data included names, birth dates, addresses, medical data, and Social Security numbers.
The health system mailed notification letters to the impacted persons on January 12, 2023, and offered them free identity theft protection and credit monitoring services.
PHI of 11,535 Fincantieri Marine Group Plan Members Exposed
Fincantieri Marine Group, LLC, the Italian shipbuilder in the U.S., has reported the compromise of the PHI of 11,535 group health plan members due to a ransomware attack in April 2023. Fincantieri mentioned the attack was discovered on April 12, 2023, and the shutdown resulted in production disruption for several days. The affected servers provided data that is used by the machines for welding, cutting, and other production processes.
Fincantieri reported the cyber attack in April 2023, but there was no clear information on the extent of the attack. Currently, the company confirmed that the threat actors got access to its system from April 6, 2023 to April 12, 2023. In that time, files had been extracted from its system. On November 6, 2023, Fincantieri’s analysis of the files on the breached section of its system confirmed the exposure and potential theft of the data of 16,769 individuals, which included 11,535 group health plan members. The impacted persons were informed concerning the incident on January 5, 2023. Complimentary credit monitoring services for two years were offered to the affected individuals.
55,297 Highlands Oncology Group Patients Affected by Ransomware Attack
Highlands Oncology Group based in Arkansas encountered a ransomware attack last September 2023. The attackers acquired access to sections of its system that included the PHI of 55,297 patients. The ransomware attack was discovered on September 26, 2023. The healthcare provider took immediate action to separate its system to stop further unauthorized access. As per the forensic investigation, the attackers got system access from September 25, 2023 to September 26, 2023 and may have extracted files before using the ransomware to encrypt files.
The review affirmed on November 27, 2023 that the attackers got access to the following types of data: name, birth date, passport number, Social Security number, driver’s license/state ID number, military ID number, credit/debit card number that may include expiration date and security code, financial account number, medical insurance data, and clinical details, such as diagnosis/conditions, laboratory results, and prescription details.
Although no incidents of identity theft or fraudulence were reported, as a safety precaution, those who had their Social Security numbers and/or driver’s license/state ID numbers were provided free identity theft protection services.
53,000 Family Healthcare Staff and Patients Affected by Data Breach
Family Healthcare located in North Dakota recently reported that it was impacted by a data breach that occurred at Brady Martz & Associates, its business associate. North Dakota-based Brady Martz & Associates provides Family Healthcare with tax-related services, bookkeeping and payroll assistance, audit and financial guidance.
Brady Martz & Associates got access to the information of Family Healthcare staff and selected patients to carry out its contracted responsibilities, including auditing patient billing records. Brady Martz & Associates discovered a data breach in November 2022 and had cybersecurity specialists to inspect and find out the scope of the breach. It was reported that over 53,000 persons were affected. Brady Martz & Associates announced the breach on September 8, 2023.
As per Brady Martz & Associates, the exposed data in the attack included the names of patient and/or employee, birth dates, ages, telephone numbers, financial account details, medical insurance data, patient account numbers, data concerning care gotten from Family HealthCare, and Social Security numbers. The exact number of Family Healthcare patients impacted and the reason for the late public announcement about the breach on January 11, 2024 were uncertain.
PHI of 10,566 Senior Scripts Exposed
Midwest Long Term Care Services, also known as Senior Scripts, reported the compromise of the PHI of 10,566 patients in a security breach that interrupted parts of its IT systems. The cyberattack was discovered and stopped on October 20, 2023. The forensic investigation revealed that the attackers initially got access to its system on October 8, 2023 and potentially extracted files from its system. The compromised files contained patient data such as names, contact details, insurance data, birth dates, prescription details, and Social Security numbers. Senior Scripts improved its network monitoring capabilities and will continue to review and enhance its security measures to stop the same incidents later on.