Ransomware Attacks Reported by Surecare Specialty Pharmacy, Blue Shield of California, and Blue Cross of California

8,412 Patients’ PHI Potentially Exposed Due to Surecare Specialty Pharmacy Ransomware Attack

Surecare Specialty Pharmacy based in El Paso, TX has lately reported that it had suffered a sophisticated ransomware attack last August 16, 2021. The IT service provider of Surecare took prompt action as soon as it discovered the attack, and engaged a third-party forensics company to check out the attack.

The investigators affirmed on August 31, 2021, the potential access and/or exfiltration of files that contain some patients’ protected health information (PHI) before the ransomware deployment. There was no proof found nor reports received that suggest the misuse of patient information.

An evaluation of the encrypted files revealed that they included patient names, addresses, birth dates, medical insurance data, and prescription data. A very small number of persons had their Social Security numbers also compromised.

Surecare states it already implemented extra security measures to avoid more cyberattacks and is reviewing policies and procedures, which will be modified as needed to strengthen data security.

Members of Blue Shield of California and Blue Cross of California Affected by Ransomware Attack on Its Vendor

A ransomware attack on the health insurance broker Team Alvarez Insurance Services based in Santa Ana, CA led to the compromise of the PHI of 2,841 members of Blue Shield of California and 672 members of Blue Cross of California.

Team Alvarez informed the health plans on August 27, 2021 concerning a cyberattack that happened on August 25. Team Alvarez promptly secured its system to block further unauthorized access and carried out an extensive investigation to find out the nature and extent of the attack.

On October 13, 2021, the health plans discovered the attacker got access to sections of the Team Alvarez network that stored the members’ enrollment forms. It wasn’t possible to find out whether those forms were accessed or downloaded. The following data elements had been included in the forms: name, address, telephone number, email address, birth date, gender, policy effective date, subscriber ID number, emergency contact details, power of attorney/authorized representative details, and broker data.

Team Alvarez stated that besides carrying out a reset of all passwords, it has reviewed all firewall settings, conducted a system-wide security check, and rebuilt its infrastructure and servers in a clean environment.

The company offered the affected members free access to 12 months of Experian IdentityWorksSM identity theft protection service.

About Christine Garcia 1295 Articles
Christine Garcia is the staff writer on Calculated HIPAA. Christine has several years experience in writing about healthcare sector issues with a focus on the compliance and cybersecurity issues. Christine has developed in-depth knowledge of HIPAA regulations. You can contact Christine at [email protected]. You can follow Christine on Twitter at https://twitter.com/ChrisCalHIPAA