25% off all training courses Offer ends May 29, 2026
View HIPAA Courses
Learner Login Learner Support
Learner Login Learner Support
25% off all training courses
View HIPAA Courses
Offer ends May 29, 2026

The HIPAA Journal is the leading provider of HIPAA training, news, regulatory updates, and independent compliance advice.

7,000-Record Data Breaches Reported by Seneca Nation Health System & Catholic Charities

Posted By on Sep 17, 2024

Seneca Nation Health System has reported a cyberattack to the HHS’ Office for Civil Rights that involved the protected health information of 7,633 patients. The Salamanca, NY-based non-profit public health system does not currently have a breach notice on its website and the information displayed on the HHS’ Office for Civil Rights breach portal is limited, stating that this was a hacking/IT incident involving a network server.

The breach report appears to be a ransomware attack by the Inc Ransom ransomware group that was added to its data leak site in May 2024. This is not the first ransomware attack on Seneca Nation Health System, as it experienced an attack in 2019 that prevented access to its charts and scheduling system, although in that attack no patient data was compromised. A cyberattack was also experienced in 2022 that involved the protected health information of up to 12,000 individuals.

Catholic Charities CYO of The Archdiocese of San Francisco

Catholic Charities CYO of the Archdiocese of San Francisco has recently announced that it has experienced a network security incident that exposed the protected health information of 7,168 individuals. The forensic investigation confirmed on July 31, 2024, there was unauthorized access to its network between September 23, 2023, and September 29, 2023, and during that time, files containing patient information may have been viewed or acquired.

The exposed data included full names, dates of birth, Social Security numbers, financial account/banking information, driver’s license numbers/state identification numbers, medical information, passport numbers, health insurance information, national identification numbers, medical histories, government-issued national identification numbers, and email usernames/passwords. Catholic Charities has not identified any misuse of the impacted data.

Get The FREE
HIPAA Compliance Checklist

Immediate Delivery of Checklist Link To Your Email Address

Please Enter Correct Email Address

Your Privacy Respected

HIPAA Journal Privacy Policy

Complimentary identity monitoring and protection services have been offered to individuals whose Social Security numbers were involved in this incident.

Author: Steve Alder is the editor-in-chief of The HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com

x

Is Your Organization HIPAA Compliant?

Find Out With Our Free HIPAA Compliance Checklist

Get Free Checklist