Recent Cyberattacks Reported by Mercy Medical Center – Clinton and Five Other Healthcare Providers

Patient Information Potentially Lost Because of Mercy Medical Center – Clinton Cyberattack

Mercy Medical Center – Clinton has advised 20,865 patients concerning a security incident that impacted its system. It discovered the security breach on April 4, 2023. It was confirmed by the forensic investigation that an unauthorized third party accessed its network from March 7, 2023 to April 4, 2023.

The medical center continued to provide patient care although its systems were inaccessible while remediating the attack. The investigation of the incident is in progress, but the exposure of these types of data was confirmed: name, address, birth date, state ID / driver’s license number, Social Security number, Medicare or Medicaid ID number, medical record number, encounter number, financial account details, physical or mental treatment/condition data, diagnosis code/details, date of service, date of admission/discharge, prescription details, billing/claims data, name of personal representative or guardian, and medical insurance data.

Mercy Medical Center didn’t say if it was a ransomware attack but mentioned that data was recovered from backup data and a number of data were probably lost. Extra technical measures are being undertaken to try to reproduce the lost information it could not restore. Affected individuals received credit monitoring and identity protection services. The medical center put in place more technical safety measures to stop the same attacks later on.

Pioneer Valley Ophthalmic Consultants Informs Patients Concerning Business Associate Data Breaches

Pioneer Valley Ophthalmic Consultants (PVOC) located in Holyoke, MA lately informed 36,275 patients about the exposure and potential theft of some of their protected health information (PHI) due to two security incidents that occurred at third-party vendors, ECL Group, LLC and Alta Medical Management, which offered accounting and billing services.

Based on the May 22, 2023, breach notice, the security incidents happened in 2021. PVOC learned on March 3, 2022 about the installation of malware on the vendors’ servers from November 13, 2021 to November 15, 2021. PVOC learned on May 11, 2022 that Alta’s online patient website was at risk of unauthorized access to payment receipts up to October 26, 2021.

The data possibly exposed because of the malware incident contained names, addresses, payment card data, medical files, and Social Security Numbers. The unsecured patient website made it possible for unauthorized access to names, email addresses, transaction ID numbers, transaction dates and times, statement numbers, the four-digit ending of payment cards/ account numbers, and any data inputted into the comments section of the website.

PVOC stated it is not aware of any attempted or actual misuse of the exposed data. Monitoring was improved as a reaction to the breaches and more technical solutions and security staff were onboarded. Impacted persons were provided free credit monitoring services.

4,000 Individuals Affected by Topcon Healthcare Solutions Breach

Topcon Healthcare Solutions offers imaging, diagnostic, and intelligent data technology services. It sent a security breach report to the Maine Attorney General indicating the exposure of protected health information. The company detected the security breach on February 5, 2023. The forensic investigation confirmed the unauthorized access to information on its systems from January 7, 2023 to February 5, 2023.

In its breach notification on May 22, 2023, Topcon stated the investigation of the incident is in progress to find out the particular types of data that were compromised. Topcon will send notification letters to impacted persons after the investigation is complete. The breach report sent to the Maine Attorney General indicated that about 4,209 individuals were affected.

Ransomware Attack at Canopy Children’s Solutions

Mississippi Children’s Home Society, CARES Center Inc, and Mississippi Children’s Home Services Inc, also known as Canopy Children’s Solutions, encountered a ransomware attack in April wherein systems files were encrypted. The ransomware attack was discovered on April 4, 2023, and there were third-party forensics experts involved to look into the nature and extent of the breach.

As per the Canopy Children’s Solutions’ data breach notice, the attackers got access to selected systems on its site and could have accessed and/or obtained specific systems files and folders. The data breach notice issued on June 2, 2023 says that there is an ongoing investigation to find out which persons were impacted and the types of information affected. Notification letters are going to be sent by mail to impacted persons when the investigation is complete. Canopy Children’s Solutions stated it has looked over its data privacy and security guidelines and procedures and is putting in place extra safety measures to stop more attacks later on.

The Nokoyawa threat group stated it is responsible for the attack and has included Canopy Children’s Solutions on its data leak website. The group claims to have extracted 150 gigabytes of data and is preparing some files for publication.

Peachtree Orthopedics Encounters Data Theft and Extortion Case

Peachtree Orthopedics located in Atlanta, GA has reported a cyberattack that happened on April 20, 2023. The forensic investigation affirmed that an unauthorized third party acquired access to sections of its network that included patient data like names, dates of birth, addresses, Social Security numbers, driver’s license numbers, medical treatment/diagnosis data, treatment expenses, financial account data, and medical insurance claims/provider details.

Peachtree Orthopedics stated it altered account passwords and put in place extra security measures to minimize the chance of an identical situation happening down the road and stated the investigation is in progress to find out the number of patients impacted. Peachtree Orthopedics stated it can’t exclude unauthorized access to patient data.

The Karakurt threat group claimed that it is responsible for the attack and has included Peachtree Orthopedics on its data leak website. The group states it has exfiltrated 194 gigabytes of information, which include personal data and health records, and has threatened to post the information when no ransom is paid.

PHI of Cleveland Clinic Patients Exposed in MedInform System Breach

MedInform, Inc., a company providing itemization and accident recovery solutions to hospitals, encountered a security incident that compromised the information of 14,453 patients at Cleveland Clinic. The company detected the breach on December 21, 2022 after identifying suspicious activity within its system. The forensic investigation affirmed that an unauthorized individual accessed its systems from December 5, 2022 to December 21, 2022 and downloaded files.

The late issuance of notifications was because of the long time it took to check all impacted files. Those files included names, addresses, Social Security numbers, financial account data, and medical billing details. More technical and administrative controls were put in place after the breach, and the employees received extra security training.


About Christine Garcia 1299 Articles
Christine Garcia is the staff writer on Calculated HIPAA. Christine has several years experience in writing about healthcare sector issues with a focus on the compliance and cybersecurity issues. Christine has developed in-depth knowledge of HIPAA regulations. You can contact Christine at [email protected]. You can follow Christine on Twitter at