Data Breaches Announced by Suncoast Skin Solutions, South City Hospital, The Colorado DHS and Raveco Medical

Suncoast Skin Solutions, a network comprised of 22 medical, surgical, and cosmetic dermatological care clinics based in Florida, lately commenced informing 57,730 patients regarding a ransomware attack it uncovered on July 14, 2021.

Suncoast stated upon discovery of the attack, it took immediate action to avoid the encryption of its whole systems and hired a third-party cybersecurity company to carry out a forensic investigation to identify the nature and extent of the attack.

On October 14, 2021, the cybersecurity company finished its investigation and Suncoast carried out an early assessment of its systems to know if they included any patient data. That task was finished on November 8, 2021, and a third-party provider was involved to analyze all impacted files to find out the particular persons whose information was possibly breached.

Suncoast has currently affirmed that these types of data were likely accessed by the hackers: names, birth dates, clinical data, doctor’s records, and some treatment data. Suncoast stated it is not aware of any actual or attempted improper use of patient records because of the data breach. Steps were undertaken to avert the same breaches down the road, which include moving all patient records to an encrypted system. Free credit monitoring services were made available to selected impacted persons.

South City Hospital Reports Stolen Backup Server Made Up of PHI of 21,601 People

South City Hospital located in St. Louis, MO, previously St. Alexius Hospital, experienced a robbery on November 13th or 14th and intruders stole a backup imaging server from a practice location.

An evaluation of the server affirmed it stored protected health information (PHI) of 21,601 people, such as names, health insurance details, Social Security numbers, radiology imaging, and/or other associated health details.

Because of the break-in, the hospital has enforced more safety measures to avoid further breaches of patient information.

Cyberattack on Business Associate Affects Colorado Department of Human Services

The Colorado Department of Human Services (CDHS) has informed 6,132 persons concerning the potential breach of some of their PHI during a cyberattack on its vendor, Sound Generations.

Sound Generations based in Seattle, WA offers services for adults suffering from handicaps, and CDHS partners with Sound Generations to save data for its fact-based fall prevention plan referred to as A Matter of Balance. Sound Generations inspected the breach and though there is no proof of data misuse found, it wasn’t possible to exclude unauthorized information access.

The types of data probably exposed comprises names, telephone numbers, addresses, email addresses, dates of birth, and whether clients possess medical insurance.

PHI of 4,897 Persons Likely Exposed in Raveco Medical Hacking Incident

The women’s health clinic Raveco Medical in New York City has advised 4,897 patients regarding the possible access of their PHI by unauthorized people.

Raveco Medical identified a security breach on November 22, 2021, and involved a third-party cybersecurity agency to look into the breach. The investigation established the duplication of files in its systems that comprised last and first names of patients, birth dates, prescription drugs, diagnoses, payment card data, and/or Social Security numbers.

Raveco Medical mentioned it is attempting to strengthen data security to avert more hacking incidents. Impacted persons were offered free membership to credit monitoring and identity theft resolution services via IDX.

Twitter Facebook LinkedIn Reddit Copy link Link copied to clipboard
Photo of author

Posted by

Mark Wilson

Mark Wilson is a news reporter specializing in information technology cyber security. Mark has contributed to leading publications and spoken at international forums with a focus on cybersecurity threats and the importance of data privacy. Mark is a computer science graduate.