Connecticut-based Aetna ACE recently informed 326,278 regime members that their information could possibly have been accessed in a ransomware attack against its one-touchpoint print and email provider.
OTP had previously informed 30 fitness plans of the impact on its patients’ data, but Aetna was not on that list. Reported to the Maine attorney general in late July, the Prosecutor’s Office report indicates that 1. 07 million patients were reported to a ransomware incident first detected on April 28.
An investigation into the scope of the incident led us to think that a risk actor first accessed certain servers a day before deploying the ransomware. OTP was unable to discover the fast files that the attacker accessed in this period. The affected servers contained patient names, member IDs, and data provided aptitude assessments.
No social security numbers or financial information were affected, other than a fitness plan in which SSNs were involved. The effects were reported to affected providers on June 3. It is important to note that the Health Insurance Portability and Accountability Act requires disclosure within 60 days of discovery and without undue delay.
The OTP site lists 30 affected fitness plans, adding Clover Health, several Blue Cross Blue Shield branches, HealthPartners, and various Regence BlueCross or BlueShield departments. A Blue Shield report shows that its subcontractor, Matrix Medical Network, used OTP for printing and shipping.
OTP has briefed law enforcement and is lately adding new safeguards while reviewing its policies and procedures related to privacy and knowledge security.
Aetna reported the incident to the Department of Health and Human Services on July 27 and realizes it only affected a limited diversity of patient knowledge, adding names, dates of birth, tactile data, and some medical knowledge.
This is the time when a supplier-related incident was reported for an Aetna ACE branch in the past two years. The knowledge of 484,154 members of the regime was likely accessed by hacking its provider EyeMed in 2020.
A new report from Goodman Campbell Brain and Spine appears to confirm that Hive’s risk actors stole and leaked patient information following the ransomware attack and the upcoming network outage reported in June. Maine Attorney General’s Report Shows 362,833 Patients Were Reported the Impact of Knowledge
Goodman Campbell reported in the past that he was the victim of a cyberattack on May 20, which disrupted the operations of the network and communication system. It took the vendor about a month to complete their systems. The FBI and an outside cybersecurity specialist were contacted. to help with the answer.
At the time, Goodman Campbell officials said they “did not yet have to determine the full nature and extent of non-public knowledge that would possibly have been compromised,” and their initial findings showed that, in fact, patient and worker knowledge had been accessed through risk. actor.
However, the hive risk actors had posted evidence on their escape site that suggested they were the attack. The discovery of the leak confirms the leak: “We know that some data acquired through the attacker was made available for about 10 days on the dark web. “
The ice also provides additional important points about the attack, adding that forensic analysis showed that workers’ and patients’ data had been stolen from their systems. patients.
The electronic medical record formula was not accessed during the attack. Instead, risk actors accessed and extracted knowledge from “other places in our internal network, such as appointment calendars, referral forms, and insurance eligibility documents. “
In general, stolen knowledge appears to include full names, Social Security numbers, dates of birth, tactile information, medical records and patient account numbers, diagnoses, treatments, provider names, insurance details, and dates of service.
Goodman Campbell has since implemented new protective tracking equipment to save him again.
A network attack on Avamere Health six months ago resulted in the theft of information from 379,984 patients, adding up to 183,254 patients from its consumer Premere Infinity Rehab. Infinity Rehab has a contract with Avamere for its IT services.
“Intermittent unauthorized access” was discovered on a third-party-hosted network used through Avamere, but the report does not specify when the attack was first discovered. The investigation concluded on May 18 that the risk actor had had access to the network for two months. between 19 January and 17 March.
Supported by a consultation with an outside cybersecurity firm, the investigation found that the hacker had deleted a limited number of files and folders from the network.
Stolen data varies by patient and may include fitness information, adding patient names, tactile data, dates of birth, social security numbers, driver’s licenses or state identity numbers, claims data, bank account numbers, medications, lab results, and medical data. Diagnostics. All affected patients will get loose credit tracking services.
Avamere’s notice lists approximately 80 health care sites affected by the incident, 59 of which appear to be Avamere-owned sites. Posting of the incident on Infinity Rehab screens shows that another 68 healthcare sites were involved, for a total of approximately 142 healthcare sites affected by the hack and knowledge theft.
Some patients affected by a ransomware attack and knowledge exfiltration incident at PracticeMax in 2021 only now learn that their knowledge was related to the incident. most likely, the knowledge was stolen by the third-party vendor incident.
In October 2021, the PracticeMax report detailed the incident, where attackers accessed certain consumer networks after hacking into the provider’s network and deploying ransomware on May 1, 2021.
However, Fast Track’s realizes that not all vendor networks were hacked in the incident. It appears that the emergency care provider was first informed of the ransomware incident on May 10, 2021. had been affected by the attack.
It wasn’t until February 14, 2022 that Fast Track knew it was imaginable that their knowledge was involved. But because PracticeMax’s research was ongoing, access to knowledge wasn’t shown until June 6.
Compromised data varies by patient and may include names, social security numbers, passports, touch data, dates of birth, driver’s licenses or government ID cards, treatments, diagnostics, health insurance data, financial data, and other medical information. It is not transparent why PracticeMax’s previous Notice of Infringement stated that the investigation ended on August 29, 2021.
Approximately 49,000 patients connected to McLaren Port Huron Hospital were recently informed that their share of knowledge of the data was stolen from MCG Health, a business partner that provides care guidance to healthcare entities and health plans.
In June, MCG first reported that a risk actor had stolen the patient’s knowledge after a “security issue,” but did not know how the theft occurred or if it was a cyber attack. On March 25, MCG decided that an actor had received knowledge matching patient data stored in its systems.
A week later, 8 more providers were added to the account. The McLaren Port Huron report matches previous notifications and adds: “Due to the delay at McLaren Port Huron in receiving the report of this event, we have not conducted our own investigation into the likelihood of an actual compromise of our patients’ knowledge stemming from this event. “
As such, the hospital assumes this is a violation, as explained through HIPAA. MCG reported that the incident to HHS affected 793,283 patients, however, other state reporting sites show the count at 1. 1 million people.
Home care provider Healthback Holdings recently reported 21,114 patients who likely accessed their information when several workers’ email accounts were hacked. 2021 to May 15, 2022.
Subsequent forensic investigation may simply not know which emails, if any, were accessed through the risk actor. A review of the accounts revealed that they contained patient names, social security numbers, fitness insurance information and clinical data. All patients are presented with follow-up of loose credits. and identity theft coverage services.
Since then, Healthback has strengthened its email security protocols and provided workers with more education about phishing emails.
CyberRisk Alliance, Sc Media’s voice of cybersecurity and healthcare policy, provides an industry-specific policy on the top issues for healthcare and continues to build relationships with industry stakeholders.
Monthly API security breaches occurred in organizations of 20% of API developers and professionals, although 51% noted that more than a portion of their organizations’ progress efforts were directed at APIs, VentureBeat reports.
Google revealed that it shunned an HTTPS-based distributed denial-of-service attack with a peak of 46 million requests consistent with the Time in June, nearly 76% more than the record DDoS attack blocked through Cloudflare in the same month. , according to El Registro.