Cyberattacks at Precision Imaging Centers, Atrium Health Wake Forest Baptist, Marshall & Melhorn, and Murfreesboro Medical Clinic & SurgiCenter

Precision Imaging Centers located in Jacksonville, FL recently informed 31,010 patients with regards to a security breach that took place on or about November 2, 2022. Unauthorized persons acquired access to its system and extracted files that contain sensitive patient data. The breached data differed from one patient to another and might have involved first and last names, birth dates, addresses, Social Security numbers, government-issued ID numbers, driver’s license numbers, medical insurance data, health conditions/diagnoses, and other health data.

Precision Imaging Centers stated that a high-profile threat actor group conducted the attack. Immediately after confirming the attack, there was a law enforcement operation and seizure of the threat group’s websites and servers. The threat actor responsible for the attack appears to be the Hive ransomware group. Precision Imaging Centers stated there was no evidence of personal data misuse detected.

Precision Imaging Centers singled out its system upon discovery of the breach. A forensic investigation followed and a review of documents. Precision Imaging Centers stated that the review of documents ended on June 20, 2023. The company mailed notification letters on June 22, 2023, and offered credit monitoring and identity theft protection services via IDX to the affected individuals. Precision Imaging Centers has employed new systems and has improved its security procedures to stop the same attacks later on.

Ohio Law Firm Notifies Individuals About September 2021 Data Breach

The law agency, Marshall & Melhorn, LLC, based in Toledo, OH began informing 9,412 persons about the exposure of some of their protected health information (PHI) in a 2021 cyberattack. According to the notification letters, there occurred a computer network outage on September 14, 2021. The investigation of the incident confirmed that an unauthorized person got access to its system between August 20, 2021 and September 14, 2021; nevertheless, the investigation could not identify the actual files that were viewed or acquired.

Marshall & Melhorn stated it performed an analysis of all files possibly affected, and that procedure was finished on May 19, 2023, 18 months after detecting the breach. Getting updated contact details of the affected clients took until May 19, 2023 to finish. Then, on behalf of Lima Memorial Health System, Marshall & Melhorn mailed the notification letters on June 7, 2023.

The data possibly viewed included names, Social Security numbers, addresses, financial account details, driver’s licenses and state ID details, passport data, medical information, and medical insurance details. The law agency states it has added more cybersecurity measures because of the breach and did not find any misuse of the compromised data. It seems that the agency did not offer credit monitoring services.

Atrium Health Wake Forest Baptist Suffers Phishing Attack

Atrium Health Wake Forest Baptist based in Winston-Salem, NC lately reported that patient data was kept in the email account of an employee that was viewed by unauthorized persons because the employee was fooled by a phishing email.

The attack happened on April 20, 2023, but the unauthorized access was discovered and blocked at that time as well. The forensic investigation showed that unauthorized access was hindered, the breach was limited to just one email account, and the email account included the PHI of 3,679 persons. Although PHI could have been accessed or stolen, the forensic investigation confirmed that the attack wasn’t targeting the email account content.

The data in the account differed from one patient to another and probably involved at least one of these data: name, birth date, hospital account record number, medical insurance details, treatment cost data, and/or clinical data, like provider name, date(s) of service, and location(s) of service. The Social Security numbers of some persons were also exposed.

Notification letters were sent and those who had their Social Security numbers compromised were offered free credit monitoring and identity protection services. Security controls have been enhanced and phishing training will continue to be provided to the workforce.

559,000 People Impacted by Cyberattack on Murfreesboro Medical Clinic & SurgiCenter

Murfreesboro Medical Clinic & SurgiCenter (MMC) located in Tennessee has lately reported that the PHI of over 500 thousand patients was compromised in a sequence of attacks on its network and IT systems, which were identified on or about April 24, 2023.

After securing its network, MMC launched an investigation and secured its network. It was affirmed that a popular cyber extortion operation was responsible for the attack and acquired access to the system on or about April 22, 2023. MMC didn’t mention the name of the group, however, it seems to refer to the BianLian threat group.

MMC stated it could not figure out whether files were viewed or extracted from its system; nevertheless, the parts of the system that were viewed included files with the PHI of 559,000 patients. The data possibly viewed or taken included complete names, birth dates, residence addresses, telephone numbers, dependent data, or partial social security numbers dates of service, medical and diagnostic data associated with those dates of service, test finding results, procedure information, prescription details, health record numbers, and insurance and enrolment data.

MMC stated it remanufactured its system and has applied advanced security capabilities to avoid the same breaches later on. The mentioned attack seemed not to have arrived in any loss of information. As a safety measure against identity theft and fraud, impacted individuals were provided two years of free credit monitoring services.

Arizona Medicaid Agency Credit Reports Exposure of Medicaid Recipients’ PHI

Arizona Health Care Cost Containment System (AHCCCS) has reported the exposure of the PHI of 2,632 Medicaid recipients. On May 11, 2023, the Arizona state Medicaid agency identified a vulnerability in the HEAplus system toolbar on the e-Arizona website, which permitted access to sensitive data. The compromised data included the first and last names, the last four numbers of Social Security numbers, and addresses. AHCCCS has implemented additional security improvements to stop the same breaches from happening again and informed the impacted people through mail on July 3, 2023.

Twitter Facebook LinkedIn Reddit Copy link Link copied to clipboard
Photo of author

Posted by

Mark Wilson

Mark Wilson is a news reporter specializing in information technology cyber security. Mark has contributed to leading publications and spoken at international forums with a focus on cybersecurity threats and the importance of data privacy. Mark is a computer science graduate.