Coastal Family Health Center Cyberattack Affects 62,000 Patients
Coastal Family Health Center (CFHC), the fourth largest community health center in Mississippi, has started notifying patients about a May 13, 2021 cyberattack that involved some of their protected health information.
CFHC said hackers attempted to shut down its computer operations; however, that attempt failed and CFHC was able to continue treating patients and providing services to the community. An investigation was immediately launched into the incident to determine how the attack occurred and whether any sensitive patient information was accessed by the hackers.
On June 4, 2021 the investigation revealed some files accessed by the attackers contained the protected health information of patients, including names, addresses, Social Security numbers, health insurance information, and health and treatment information.
Independent cybersecurity professionals were engaged to assist with improving the security of its systems and policies and procedures have been changed to prevent further breaches in the future. After determining current mailing addresses, notification letters were sent to affected individuals on July 2, 2021.
Get The FREE
HIPAA Compliance Checklist
Immediate Delivery of Checklist Link To Your Email Address
Please Enter Correct Email Address
Your Privacy Respected
HIPAA Journal Privacy Policy
While there have been no reported cases of misuse of patient information, out of an abundance of caution, CFHC is providing all affected individuals with complimentary identity theft protection services through IDX.
The incident has been reported to the Department of Health and Human Services’ Office for Civil Rights as affecting 62,342 current and former patients.
Carle Cancer Treatment Reports Hacking Incident Affecting 8,066 Patients
Carle Cancer Treatment in Normal, IL has started notifying 8,066 patients that some of their protected health information was exposed in a cyberattack on data storage vendor Elekta.
Elekta investigated the data breach and determined hackers had access to its systems between April 2 and April 20, 2021 and during that time may have accessed or obtained patient information such as full names, addresses, demographic data, Social Security numbers, birth dates, height/weight measurements, medical diagnoses, medical treatment information, and appointment confirmations.
Carle Cancer Treatment Normal was notified about the breach on April 29. Elekta said its investigation uncovered no evidence indicating patient information was publicly disclosed or used for fraudulent purposes. Affected individuals have been offered complimentary credit monitoring and identity theft protection services.
