Full-service home medical equipment firm, Health Aid of Ohio in Parma, OH, has learned that unauthorized people obtained access to its networks and stolen a number of files. The data breach was identified on February 19, 2021 after noticing suspicious system activity. Health Aid of Ohio immediately took steps to get rid of the attackers from its network and protect all patient data.
A breach investigation affirmed that the attacker got access to files and exfiltrated them from Health Aid’s systems, nevertheless, it cannot be confirmed exactly which files were obtained from its networks. It is likely that a number of the exfiltrated files contained VA plan members’ protected health information (PHI).
The data possibly compromised included names, telephone numbers, addresses, and details of the type of equipment delivered to homes or was set up in people’s residences. The PHI of individuals who received services through their insurance company or healthcare provider included names, telephone numbers, birth dates, details of insurance, Social Security numbers, diagnosis information, and type of equipment.
Though the above-mentioned information could have been stolen, so far, Health Aid of Ohio did not receive any report that indicates any misuse of the compromised information. data.
Health Aid of Ohio has not discussed how the attackers acquired access to its systems and whether the attackers used malware or ransomware. However, it has already notified the Federal Bureau of Investigation (FBI) and appropriate authorities. The breach report submitted to the HHS’ Office for Civil Rights indicates that about 141,149 individuals were probably impacted.