Taylor Regional Hospital Still Recovering from January Cyberattack
Taylor Regional Hospital in Campbellsville, KY has suffered a cyberattack that has resulted in its IT and phone systems being taken offline. The cyberattack was reported by the hospital on January 24, 2021, and the hospital is still experiencing outages with certain computer systems and phone lines. Temporary phone lines have been set up to allow patients to contact the hospital while the cyberattack is resolved.
Cyberattacks such as this often involve ransomware, but no details have been released so far about the exact nature of the cyberattack, nor when its IT systems are expected to be restored. At this early stage, it is unclear if any patient information has been accessed or stolen by attackers.
A notice on the hospital’s website explains that quality care continues to be provided to patients and it is working as quickly as possible to safely bring its IT systems back online. Patients are encouraged not to delay seeking medical care; however, without access to IT systems, patients have been asked to bring lists of their medication with them to any appointments that have previously been scheduled.
The hospital said routine outpatient labs will only be performed during limited hours until further notice, and patients have been advised to bring a written order and patients should expect longer wait times than normal. The walk-in COVID-19 clinic is still open but will operate on a first-come, first-served basis.
Get The FREE
HIPAA Compliance Checklist
Immediate Delivery of Checklist Link To Your Email Address
Please Enter Correct Email Address
Your Privacy Respected
HIPAA Journal Privacy Policy
Update: April 5, 2022: The incident has been reported to the HHS’ Office for Civil Rights as affecting 190,209 individuals.
Data Stolen in Cyberattack on Connecticut Accountancy Firm
The Glastonbury, CT-based certified public accountancy firm, Fiondella, Milone & LaSaracina, has announced it was the victim of a cyberattack in September 2021. The security breach was detected on September 14, 2021, with the forensic investigation determining the hackers had access to its systems from September 9, 2021.
On or around October 13, 2021, it was determined the hackers copied files and folders from its system that contained the sensitive data of certain individuals. The information potentially compromised was mostly limited to names and Social Security numbers, with some individuals also having information stolen related to ambulance trips, including date and tracking numbers, service level, payor types and category, mileage information, charge/payment information, billing review information, and remittance advice details, which may have included medical information.
Fiondella, Milone & LaSaracina said a review of security measures has been conducted and additional safeguards will be implemented to prevent further security breaches. There is no mention in the website breach notice of credit monitoring and identity theft protection services.
The breach has been reported to the HHS’ Office for Civil Rights as affecting 6,215 individuals.
