Alta Forest Products based in Chehalis, WA has encountered a cyberattack where the protected health information (PHI) of around 2,100 Alta Forest Products Health and Welfare Plan members was compromised. The company detected the security breach on September 1, 2022, and fast action was undertaken to protect its systems and stop continuing unauthorized access.
The forensic investigation affirmed that the attacker accessed member files on its servers from August 17, 2022 to August 31, 2022. At that time, the attacker may have acquired files that contain the data of health and wellness plan members including names, birth dates, the employee health plan enrollment status for selected Alta staff and their dependents, financial account numbers, and Social Security numbers.
Alta Forest Products sent notification letters to impacted persons on October 31, 2022. Free credit and identity monitoring services were provided to impacted persons. Alta Forest Products has likewise improved the safety of its computer systems and information.
Patient Records With PHI Stolen at Hilario Marilao, M.D Break-in
Pediatric cardiologist, Hilario Marilao, M.D based in Riverside, CA has just reported the theft of documents that contain the PHI of patients during a break-in. The paperwork was kept in a locked storage cabinet in the offices’ basement. The burglary was discovered on September 6, 2022, after the occurrence of a minor flood. The account ledgers that were supposed to be in the storage cabinet were not found. It is uncertain when the theft of the ledgers happened.
The ripped-off ledgers included patient names together with these types of data: address, telephone number, Social Security Number, medical insurance data, child’s name, date of service, and child’s birth date. Impacted persons went to Dr. Marilao from 2010 to 2011, possessed a last name beginning with Letters A to M, and either the child or parent was insured with an HMO or Medi-Cal plan. Dr. Marilao stated that all files are already transferred to the offices on the upper level, where there are new security cameras and alarms. The company provided the affected persons with free credit monitoring services.
Currently, it is unclear how many people were affected.
Three Rivers Provider Network Discovers Unauthorized Email Account Activity
Three Rivers Provider Network based in Las Vegas, NV has submitted a breach report involving an employee email account that comprised sensitive patient data like names, birth dates, addresses, passport numbers, Social Security numbers, driver’s license numbers, state-issued identification numbers, and health data.
The network discovered the unauthorized activity on June 3, 2022, and the confirmed exposure of PHI on August 17, 2022. There was no report of patient data misuse received during the issuance of notifications. Affected individuals received notification letters on November 5, 2022, and 24 months of complimentary credit monitoring services have been offered.
