Heartland Alliance and CentraState Medical Center Encounter Cyberattack

Heartland Alliance located in Chicago, IL, a social justice and human rights organization, announced on December 15, 2022, that it experienced a cyberattack. The organization discovered the security breach on January 26, 2022, and took immediate action to safeguard its systems and avert further unauthorized access. A prominent third-party cybersecurity agency investigated the attack.

It was confirmed by Heartland Alliance on April 27, 2022 that an unauthorized individual obtained access to its network and possibly accessed or gotten files with sensitive personal information. A lengthy assessment process was then begun to know the magnitude of the data breach and to get current contact details for the impacted individuals. That entire process was accomplished in December 2022.

Heartland Alliance has established that the protected health information (PHI) of persons who received medical care or joined in other Heartland programs was likely compromised, as well as the personal data of staff members, directors, and 3rd party contractors. The data involved was different from one individual to another and could have contained at least one of the following data types: names, dates of birth, bank account numbers, driver’s license numbers, Social Security numbers, and health information. Heartland Alliance mentioned it does not know of any actual or attempted misuse of the exposed data.

The provider sent notification letters to impacted persons on December 15, 2022, and offered a an identity and credit monitoring service for one year. Heartland Alliance has additionally confirmed that it has enhanced its IT security programs to avert the same security cases down the road.

CentraState Medical Center is Undergoing Disruption After the December Cyberattack

CentraState Medical Center based in Freehold, NJ is going through a cyberattack that transpired on or about December 30, 2022. The medical center detected the cyberattack during a shift change at approximately 7 am when computer systems began to malfunction. As a preventative measure, the medical center began full diversion, with ambulances redirected to other facilities whilst the trigger of the IT system outage was explored.

Tom Scott, who is the President and CEO of CentraState Medical Center, has affirmed that the malfunction was a result of a cyberattack that damaged specified IT systems. Systems were immediately singled out to restrict the attack. An investigation into the attack was to discover the nature and magnitude of the breach. Staff members recorded patient data manually while the IT systems are down, and extra personnel was engaged to handle the increased work.

CentraState Medical Center issued an additional report on January 3, 2023, affirming that the normal high quality of patient care is being followed, however, a few services at the medical center are still affected, such as mammography, outpatient radiology, radiation procedure, labs, and catheterization lab services. Booked inpatient surgeries proceed as scheduled, nevertheless, a few outpatient consultations were postponed or rescheduled.

No time frame was provided on when systems might be wholly restored, and no details were given on the particular nature of the attack. It is furthermore not clear at this early phase of the investigation if, and to what degree, patient information was involved.

About Christine Garcia 1309 Articles
Christine Garcia is the staff writer on Calculated HIPAA. Christine has several years experience in writing about healthcare sector issues with a focus on the compliance and cybersecurity issues. Christine has developed in-depth knowledge of HIPAA regulations. You can contact Christine at [email protected]. You can follow Christine on Twitter at https://twitter.com/ChrisCalHIPAA