An additional 15,000 patients have been added to the breach tally already recorded for Eye Care Leaders

An Air Force ophthalmologist operates on a patient on September 1, 2022 (Army)

Another 15,000 patients have been added to the breach tally from the Eye Care Leaders ransomware attack nearly a year ago.

Massengale Eye Care issued a breach notice to patients in late October, informing them that their data was compromised during what remains the largest reported healthcare incident this year, with almost 3.7 million patients affected.

While the mainstream media recently warned that the CommonSpirit Health cyberattack could affect 20 million patients, the health system’s massive financial report from this week said again that it is still investigating and has found no evidence of an impact on patient data. As such, ECL still ranks as a questionable first.

As reported, ECL’s EMR suffered a ransomware attack on December 4, after an actor accessed the platform and deleted databases and system configuration files. Without the data, it would not have been possible to determine if the data was accessed or leaked before it was deleted.

The compromised data varied by provider and patient, and for Massengale, the data could include names, contact information, dates of birth, Social Security numbers, diagnostic details, and health insurance information.

ECL has not filed its own breach notice with the Department of Health and Human Services, as it is defending itself against a provider-led lawsuit accusing the cloud EMR vendor of concealing additional ransomware incidents that were published earlier this year.

A number of service providers affected by these alleged incidents spoke exclusively with SC Media, detailing their frustration with the delays. The status of the lawsuit was last updated in October, with at least 13 filings requesting an extension of time to respond to claims and two additional filings requesting dismissal of the case. In these filings, ECL has repeatedly denied the allegations.

CorrectCare security incident swells to 607,000 affected individuals

Two other healthcare entities have filed breach notices with HHS, after medical claims processing vendor CorrectCare informed them that their patient information had been disclosed due to two misconfigured file databases in July.

CorrectCare Integrated Health has filed three notices with the HHS Office for Civil Rights covering 496,589 individuals, while its clients PrimeCare Medical and Mediko have sent notices to 22,254 patients and 2,809 individuals, respectively.

Together with the 85,466 pretrial detainees and inmates of the Louisiana Department of Public Safety and Corrections, the breach tally is now 607,118.

As previously reported, the notifications stem from a security incident that was first discovered by CorrectCare on July 6. Two file directories on CorrectCare’s web server were inadvertently exposed to the public Internet and secured within nine hours.

Subsequent forensic investigation determined that the exposed database contained data from patients who received care at affected providers, as far back as January 1, 2012. The data included names, SSNs, dates of birth, inmate numbers, diagnostic codes or CPT codes, names of providers, and treatment dates.

The file directories did not contain any driver’s license numbers, financial account details, or financial card information. CorrectCare has since implemented security improvements to its systems.

Work Health Solutions reports an email breach affecting protected health information

Occupational health provider Work Health Solutions recently informed an undisclosed number of patients that their data was exposed during an email breach more than six months ago.

The notice doesn’t say when the unauthorized access to the account occurred, only that one email account was compromised for over a month, between February 16 and March 24 of this year. The investigation confirmed that patient data was contained in the account on October 11.

As widely reported by SC Media, several security incidents involving email have been reported outside the HIPAA 60-day requirement, due to forensic challenges. HHS recently reminded the industry that timely reporting is required by HIPAA regardless of whether the investigation is ongoing.

For WHS, forensics determined that the account contained patients’ names, SSNs, driver’s license numbers, health insurance details, and/or medical information. Not all patients were affected by the incident. Patients whose Social Security number has been compromised will receive free credit monitoring services.

Phishing attack affects 18K Gateway Ambulatory Surgery patients

Just over 18,000 patients associated with Gateway Ambulatory Surgery Center in North Carolina were recently notified that their data was compromised during a phishing attack earlier this year.

The carefully worded notice says that access to two employees’ email accounts was first discovered in April, prompting a lengthy investigation that didn’t end until September. It is not clear why the provider waited another two months to inform patients of the breach of privacy.

Analysis confirmed that the access was caused by a phishing incident, which resulted in a three-month period of unauthorized access to these accounts between February 14 and May 10 – one month after the initial access was discovered.

Access to emails and attachments could not be ruled out, which prompted a thorough search of the email contents to identify affected patient information. Gateway confirmed that the data could include health benefit enrollment data, health insurance details, medical history, patient account numbers, and histories of service. A small group of SSNs and driver’s license numbers was also disclosed.

Gateway is currently strengthening its security measures by implementing a new endpoint detection and response system and providing staff with additional training.
