Wisconsin Department of Health Services, Detroit Health Department, and Smith, Gambrell & Russell, LLP Announce Data Breaches

Wisconsin Department of Health Services Reports Accidental Disclosure of PHI through Email

The Wisconsin Department of Health Services (DHS) has just announced that there was an accidental disclosure of protected health information (PHI) via its email. Based on the breach notice, in April 2021, the DHS Children’s Long-Term Support Council got a presentation via email that comprised protected health information. The presentation was subsequently sent by the Council to staff working for a number of county government agencies. The presentation was shared on the DHS web page as part of the minutes of the meeting.

The problem was noticed on August 8, 2022, and the file was erased from the meeting minutes and swapped with a file that did not give access to PHI. Steps were furthermore undertaken to get back all distributed presentation files. The presentation included these types of data: first and last names, gender, birth date, county area, Social Security Number, and Wisconsin Medicaid Member ID Number of affected Wisconsin Medicaid members.

DHS stated that the breach impacted 12,358 members of Wisconsin Medicaid. The affected people have already gotten notification and offer of free memberships to a credit monitoring service for one year.

Detroit Health Department Announces Unauthorized Exposure of PHI to Third Party

The Detroit Health Department (DHD) has lately reported the unauthorized exposure of clients’ PHI. As per the breach notification, on May 12, 2022, DHD uncovered that its office had an unauthorized disclosure of information to a third party. The data exposed included names, race, gender, birth dates, addresses, contact data, marital status, family size, and participation status in selected Detroit Health Department programs. DHD mentioned the breach didn’t have an effect on all DHD customers, although it is presently not clear specifically how many people were impacted. Those persons are currently being alerted through the mail and were given information about the steps that they could take to keep safe against identity theft and fraud.

Smith, Gambrell & Russell, LLP Reports Potential Data Theft in 2021 Data Breach

The international corporate law company, Smith, Gambrell & Russell, LLP, has stated that an unauthorized person acquired access to its system and might have viewed files that contain client data, such as data given to the company by Astra Group, Flagler Hospital in Florida, Pontoon Solutions, Inc, Modis Inc, Valmet Corporation, and ServiceLink and associated ServiceLink firms.

Based on the substitute breach notice on the website of the law firm, the security breach was discovered on August 9, 2021. The law firm immediately implemented incident response protocols, notified law enforcement, and engaged external cybersecurity experts to look into the breach. It was affirmed that the attacker got access to its system and might have deleted files. A vendor was subsequently engaged to evaluate all impacted files, and the law company says that process has just been finished lately.

The analysis affirmed that there was information in the impacted files associated with 4,688 persons from the impacted companies. The potentially compromised data included addresses, driver’s license numbers, Social Security numbers, government IDs, and medical data like treatment, diagnosis, and health background; nevertheless, there was no report received that indicates the misuse of any personal data. Impacted persons have already been informed and provided identity theft protection and credit monitoring services.

Link copied to clipboard
Photo of author

Posted by

Mark Wilson

Mark Wilson is a news reporter specializing in information technology cyber security. Mark has contributed to leading publications and spoken at international forums with a focus on cybersecurity threats and the importance of data privacy. Mark is a computer science graduate.