Social Action Community Health System (SAC Health) has lately advised 149,940 patients regarding the theft of documents that contain their protected health information (PHI) in a break-in at an off-site storage place that keep patient records.
SAC Health discovered the theft on March 4, 2022. The succeeding investigation affirmed on April 22, 2022 the theft of six boxes of paper files from the storage facility, which involved files in relation to patients helped by SAC Health in 1997 and between 2006 and 2020.
An evaluation was performed to find out which types of details were enclosed in the files and came to the conclusion the documents could have contained data including names, addresses, dates of birth, and diagnosis codes. SAC Health sent breach notification letters to those persons on May 3, 2022. As per SAC Health, it is not aware of any actual or attempted misuse of patient information due to the break-in; nevertheless, as a preventative measure against identity theft and fraud, the company offered complimentary credit monitoring services to impacted individuals. SAC Health mentioned it is going over its policies and procedures about the storage of paper documents.
14,000 Patients Affected by Bryan County Ambulance Authority Ransomware Attack
The Bryan County Ambulance Authority located in Oklahoma has just commenced informing 14,273 patients concerning the exposure and prospective theft of some of their PHI. It was stated in the notification letters that the provider discovered the attack on November 24, 2021 and that the files contained in its systems had been encrypted. Rapid action was done to avert further unauthorized access, and third-party cybersecurity specialists were hired to aid with the forensic examination.
The breach notice doesn’t mention what types of details were stolen during the attack however, nevertheless, it says victims have been given a free membership to an identity theft protection service. In accordance with the notice, the forensic investigation and file review just concluded on April 7, 2022, consequently the delayed issuance of notifications to affected people.
Vice Society Professes Being Behind the Ransomware Attack on Atlanta Perinatal Associates
The Vice Society ransomware group has stated it is responsible for a ransomware attack on Atlanta Perinatal Associates based in Georgia. Atlanta Perinatal Associates offers treatment for moms who face high-risk pregnancies, and arranges care with other healthcare companies.
The healthcare company has yet to confirm it suffered a ransomware attack; nevertheless, Vice Society has published information to its leak website that was presumably stolen during the attack. The information consists of names, birth dates, ID numbers, estimated due dates, referring doctor names, names of sonographer, ultrasound test results, drug and alcohol use backgrounds, other medical data, and some records comprise credit card data and medical insurance details. Based on databreaches.net, which examined a few of the files, they cover records developed from 2019 to April 2022.
Because the incident is not yet reported to regulating authorities, it is presently uncertain how many individuals were impacted.