Enterprise IT security news and advice

Data Breaches at Arizona Asthma and Allergy Institute, Stillwater Medical Center and Nebraska Department of Health and Human Services

Arizona Asthma and Allergy Institute sent breach notification letters to 70,372 patients who obtained services between October 1, 2015 and June 15, 2020.

As per the breach notice, a selection of their personal data and protected health information (PHI) such as names, patient ID numbers, healthcare provider names, health insurance data, and treatment cost details were exposed on the internet under the name of another organization for a brief time period in September 2020.

After receiving an alert regarding the compromised information, a third-party forensics agency was called in to check out the breach. The investigation came to the conclusion on March 8, 2021 and confirmed that protected health information was compromised.

Databreaches.net contacted Arizona Asthma and Allergy Institute to notify them concerning the breach, which was a ransomware attack done by the Maze ransomware operation. Sensitive information gotten in the breach was published to the Maze Group’s data leak website for a little while in September utilizing the name Medical Management Inc .

Stillwater Medical Center Investigates Security Breach

Stillwater Medical Center based in Oklahoma has begun an investigation into a security breach affecting specific information systems. In a Facebook post on June 14, 2021, Stillwater Medical Center stated that a breach happened on June 13, 2021 and it immediately shut down its systems while the incident investigation was ongoing. A third-party computer forensics company is assisting with the inquiry. Systems will be connected back on the web immediately.

At this time, the investigation is still in the preliminary stages yet, there is no evidence uncovered that indicates the compromise of any patient information. Additional data regarding the incident will be given when it becomes readily available.

Nebraska Department of Health and Human Services Alerts People Concerning Privacy Breach

The Nebraska Department of Health and Human Services has determined a software error that resulted in the sending of people’s phone numbers and partial Social Security numbers to a third party in April 2021.

The HHS found out about the privacy incident on April 9, 2021 and has currently released notification letters to around 500 people. Based on the HHS, the nature of data and the individual to whom it was sent – a person in the State of Nebraska – makes the chance of identity theft or scam low.

Temporary actions have been undertaken to correct the software problem while the HHS looks into a more permanent solution.

Share This Post On