HIPAA Journal is the leading provider of news, updates, and independent advice for HIPAA compliance

56,000 Northwestern Memorial HealthCare Donors Impacted by Blackbaud Ransomware Attack

Northwestern Memorial HealthCare has discovered the personal information of individuals who had previously made donations to Northwestern Memorial HealthCare was potentially compromised in the recent Blackbaud ransomware attack. An unauthorized individual first gained access to Blackbaud systems on February 7, 2020, with the access possible until May 20,2020 when ransomware was deployed.

Prior to the use of ransomware, the attacker may have accessed a backup of a database that contained names, age, gender, dates of birth, medical record number, dates of service, departments of service, treating physicians, and/or limited clinical information. The database also contained the Social Security numbers and/or financial/payment card information of 5 individuals. In total, the information of 55,983 Northwestern Memorial HealthCare donors was potentially compromised in the attack.

Northwestern Memorial HealthCare is conducting a review of its third-party database storage vendors and its relationship with Blackbaud in order to prevent similar data breaches in the future.

Names and Health Insurance Information of 15,000 Lafayette Fire Department Ambulance Users Compromised

On July 27, 2020, the City of Lafayette, CO experienced a ransomware attack that disrupted the phone, email, online payment, and reservation systems and prevented the city from accessing essential data. After assessing the cost/benefits of all options, the decision was taken to pay the $45,000 ransom rather than risk extensive disruption and damage to its online operations.

Get The Checklist

Free and Immediate Download
of HIPAA Compliance Checklist

Delivered via email so verify your email address is correct.

Your Privacy Respected

HIPAA Journal Privacy Policy

Prior to the deployment of ransomware, the attackers may have gained access to personal information stored on Lafayette’s computer network. In addition to the personal information, including Social Security numbers, of city employees, and usernames and passwords of individuals who used certain online services, the attackers potentially gained access to the names and health insurance identification numbers of 15,000 individuals who had been transported by the Lafayette Fire Department ambulance prior to January 1, 2018.

The city has cleaned and rebuilt its system servers and computers, crypto-safe backup systems have been deployed, and additional cybersecurity measures are being implemented to prevent further ransomware attacks.

Cook Children’s Medical Center Breach Impacts 1,768 Individuals

Fort Worth, TX-based Cook Children’s Medical Center has discovered a box of radiology images to be missing from a locked storage room. A search was conducted for the missing storage discs, but they could not be located. The protected health information contained on the discs was limited to names, dates of birth, medical record numbers, service dates, physician names, and scan types.

The images required specialist software to view, but some of the protected health information could have been viewed without specialist software. The images related to 1,768 individuals who had undergone hip and spine imaging between 2005 and 2014.  No reports have been received to suggest any information on the discs has been misused. All affected individuals have now been notified.

PHI of 2,102 Individuals Potentially Compromised in D&S Residential Holdings Phishing Attack

Austin, TX-based D&S Residential Holdings has discovered an unauthorized individual gained access to some employee email accounts between April 20, 2020 and June 15, 2020 as a result of responses to phishing emails.

D&S Residential Holdings conducted a comprehensive investigation, assisted by a leading computer security firm, but was unable to determine whether any information in the email accounts was accessed or stolen by the attackers.

A review of the email accounts revealed they contained protected health information. Individuals whose Social Security number was compromised in the attack have been offered 12 months of complimentary credit monitoring and identity theft protection services.  The breach report submitted to the HHS’ Office for Civil Rights indicates 2,102 individuals were affected by the breach.

Author: Steve Alder is the editor-in-chief of HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered on HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has several years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics.