235,000 Individuals Affected by Yakima Valley Radiology Data Breach
Yakima Valley Radiology has suffered a data breach that has affected 235,249 individuals. Data breaches have also been reported by Employee Benefits Corporation of America, Benefit Design Group, and Lena Pope Home.
Yakima Valley Radiology
Yakima Valley Radiology in Washington has recently notified 235,249 individuals that there has been unauthorized access to a limited amount of patient data. The breach was detected on August 18, 2023, and third-party forensics experts were engaged to investigate the breach.
Yakima Valley Radiology said unauthorized individuals gained access to its network on August 18, 2023, and cybersecurity professionals were engaged to investigate the breach. Considerable time and effort were put into determining what information had been exposed and which individuals had been affected. On January 31, 2024, it was confirmed that “a limited amount of personal information” was removed from its network, which for some individuals included names and Social Security numbers. Those individuals have been offered complimentary credit monitoring services.
Employee Benefits Corporation of America and Benefit Design Group
Employee Benefits Corporation of America and Benefit Design Group, Inc. have confirmed that there has been a breach of the protected health information of 38,912 employees. On or around October 11, 2022, the Department of Homeland Security notified the Virginia Farm Bureau (VFB) that it had received a credible tip that there had been a breach that affected VFB and its affiliated companies. An investigation was launched which confirmed that a single workstation had been compromised. The affected user account was disabled to prevent further unauthorized access.
Get The FREE
HIPAA Compliance Checklist
Immediate Delivery of Checklist Link To Your Email Address
Please Enter Correct Email Address
Your Privacy Respected
HIPAA Journal Privacy Policy
Then, on October 16, 2022, data was encrypted on its systems in a ransomware attack. In that attack, the following information may have been compromised: names, driver’s license numbers, Social Security numbers, and financial account details belonging to individuals who have received services from VFB or are current or former employees.
The affiliated companies affected included Virginia Farm Bureau Mutual Insurance Company, Countryway Insurance Company, Custom Health Care, Inc., Virginia Farm Bureau Service Corporation – Health Care Consultants division, Employee Benefits Corporation of America and Benefit Design Group, Inc. Affected individuals have been offered complimentary credit monitoring services. No explanation was provided about why it took so long to issue notifications.
Lena Pope Home Inc.
Lena Pope Home Inc. in Texas identified unauthorized activity in an employee’s email account on September 30, 2023. A forensic investigation confirmed that the unauthorized activity was limited to a single account, and the review of the email account confirmed that it contained the protected health information of 3,954 individuals including names, telephone numbers, email addresses, dates of birth, health insurance policy numbers and certain other types of personal health information.
Lena Pope Home added a substitute breach notice to its website on October 2, 2023, and notified the affected individuals via email. Lena Pope Home said they have enhanced technical safeguards, implemented multifactor authentication and GEO IP blocking for Office 365, and have provided additional security training for staff members. Affected individuals have been advised to remain vigilant against incidents of identity theft and fraud.
