Cyberattacks and Data Breaches Reported by Texas Medical Liability Trust, Bloom Health Centers and Other Healthcare Organizations

60,000 People Impacted by Texas Medical Liability Trust Data Breach

The Texas Medical Liability Trust (TMLT) submitted a data breach report to the Maine Attorney General representing itself and its affiliate companies, Physicians Insurance Company, Texas Medical Insurance Company, and Lone Star Alliance, Inc., a Risk Retention Group with 59,901 people impacted.

TMLT detected suspicious activity within its IT system on October 12, 2022. It took steps to protect its systems and engaged third-party forensics professionals to investigate. They confirmed that an unauthorized person accessed its system from October 2, 2022 to October 13, 2022. At that time, files that contained protected health information (PHI) including names, EIN/Tax ID numbers, state ID/driver’s license data, Social Security numbers, and financial account data could have been viewed. The review of the impacted files was completed on August 18, 2023.

Free credit monitoring services were provided to the impacted persons and an analysis of policies and procedures associated with the storage and access of sensitive data has been done.

Email Account Breach Impacts Bloom Health Centers Patients

Bloom Health Centers based in Timonium, MD discovered suspicious activity in its Microsoft 365 email system on July 5, 2023. It took immediate steps to stop further unauthorized access and started an investigation to locate the activity. With the help of a third-party cybersecurity company, Bloom Health Centers confirmed access to the email account of one clinician without permission on or about June 23, 2023.

The analysis of the account was done on August 7, 2023, and reported the inclusion of the PHI of 1,545 patients in the account. Data such as names, email addresses, addresses, phone numbers, birth dates, and medical data like prescription drugs and diagnoses could have been viewed or obtained at the time of the incident; nevertheless, no cases of patient data misuse were found.

The impacted persons already received notifications by mail and offers of credit monitoring and identity theft protection services. Bloom Health Centers enhanced email security measures and provided additional training on data protection guidelines to all employees.

Email Account Breach at Prime Therapeutics and Magellan Rx Management

Prime Therapeutics and Magellan Rx Management have encountered a data breach that impacted the PHI of 6,050 people. Prime Therapeutics based in Minnesota-based is a pharmacy benefit management firm providing services to health plans, businesses, and government agencies. Magellan Rx Management is a pharmacy company under the Prime Therapeutics firm.

The exposed information was kept in the mobile email account of an employee, which was found on July 11, 2023, to have been viewed by an unauthorized person. The breached credentials were deactivated, the unauthorized person’s IP address was blacklisted, and an evaluation was done to find out what data was compromised. While there was no proof of unauthorized data access found, the attacker could have viewed names, addresses, birth dates, medicine(s), and member ID numbers.

Prime Therapeutics stated it is going to continue reviewing internal processes for possible tweaks to reinforce account security and is assessing more safety measures to help avoid identical incidents from happening again later on.

Cyberattack on Claxton Hepburn Medical Center and Carthage Area Hospital

On August 31, 2023, Claxton Hepburn Medical Center and Carthage Area Hospital in Northern New York suffered a cyberattack. The hospitals diverted their emergency room services and canceled appointments as a preventative measure because of the possibility of taking IT systems offline.

The FBI, the Department of Homeland Security, and the New York State Department of Health were informed regarding the attack. The government knows the threat actor responsible for the attack but did not reveal which group it was. The incident is under control however the investigation is in progress. At this point of the investigation, it seems that there was no patient data exposed.

Phishing Attack on NOW Health Group

NOW Health Group, Inc. based in Bloomingdale, IL recently confirmed that the PHI of 4,661 people was exposed to a phishing attack. The company detected the attack on or about March 17, 2023 upon noticing suspicious activity in its email system. The forensic investigation confirmed that unauthorized persons acquired access to a number of employee email accounts from March 17 to March 20. Analysis of the email messages and documents in the accounts was finished on July 6, 2023. The names and Social Security numbers may have been possibly exposed.

Extra safety measures were put in place to enhance email security and additional training was given to staff members to enable them to recognize attempts of phishing attacks. Free credit monitoring services were provided to the impacted people.

Twitter Facebook LinkedIn Reddit Copy link Link copied to clipboard
Photo of author

Posted by

Mark Wilson

Mark Wilson is a news reporter specializing in information technology cyber security. Mark has contributed to leading publications and spoken at international forums with a focus on cybersecurity threats and the importance of data privacy. Mark is a computer science graduate.