Orthopedic practice Lakeshore Bone & Joint Institute based in Indiana, has encountered a breach that affected its Microsoft Office 365 environment, including emails and file attachments that store the protected health information (PHI) of some patients.
On July 7, 2021, the healthcare provider detected unusual activity in a staff member’s email account and quickly took steps to stop further unauthorized access. There was a cybersecurity and digital forensic company retained to look into the data breach and give assistance with remediation efforts.
The breach investigation affirmed that an unauthorized individual had acquired access to a worker’s email account. An analysis of the email account was finished on October 21, 2021, and revealed that the threat actor may have viewed or obtained the following types of patient information:
Date of birth, treatment details, MRN/patient ID, diagnosis, provider name, health insurance data, treatment cost details, and, for a number of patients, Social Security numbers.
People whose Social Security numbers were possibly affected have been provided a free 12-month membership to identity theft monitoring services.
Based on the breach report submitted to the Maine attorney general, the breach potentially impacted 23,627 individuals.
PHI Potentially Compromised in Ransomware Attack at Putnam County Memorial Hospital
Putnam County Memorial Hospital has started sending notification 6,916 persons concerning a July 2021 cyberattack that resulted in the potential compromise of PHI.
The attack was identified on July 18, 2021 because a staff member could not access some computer systems and records. A forensic investigation established that an unauthorized person got access to its network at some point between July 16 and July 18, employed a number of network reconnaissance tools to locate systems and data of interest, and then utilized ransomware to encrypt data.
The forensic investigation affirmed the attacker had access to some sections of the system which included patient and worker data including names, addresses, Social Security numbers, physician-patient assessments and notes, patient authorizations, and lab and radiology reports. It is believed that financial data were not compromised.
Following the breach, the hospital implemented new security measures to better protect patient information. No cost credit monitoring services were given to affected people for 12 months. Those services consist of darknet and clearnet monitoring, fraud assessment, quick cash scan, and identity theft restoration services, and identity theft insurance.