60,000 Individuals Affected by Texas Medical Liability Trust Data Breach
The Texas Medical Liability Trust (TMLT) has reported a data breach to the Maine Attorney General on behalf of itself and its affiliates, Texas Medical Insurance Company, Physicians Insurance Company, and Lone Star Alliance, Inc., a Risk Retention Group that has affected 59,901 individuals.
Suspicious activity was detected within its IT environment on October 12, 2022. Steps were taken to secure its systems and third-party forensics specialists were engaged to investigate. They determined that an unauthorized actor had access to its environment between October 2, 2022, and October 13, 2022, and during that time, files containing protected health information may have been accessed that included names, Social Security numbers, EIN/Tax Identification numbers, state identification/driver’s license information, and financial account information. It took until August 18, 2023, to complete the review of the affected files.
Complimentary credit monitoring services have been offered to the affected individuals and a review of policies, procedures, and processes related to the storage and access of sensitive information has been conducted.
Email Account Breach Affects Patients of Bloom Health Centers
On July 5, 2023, Bloom Health Centers in Timonium, MD, identified suspicious activity in its Microsoft 365 email environment. Steps were immediately taken to prevent further unauthorized access and an investigation was launched to identify the activity. Assisted by a third-party cybersecurity firm, Bloom Health Centers determined that the email account of one of its clinicians was accessed without authorization on or around June 23, 2023.
Get The FREE
HIPAA Compliance Checklist
Immediate Delivery of Checklist Link To Your Email Address
Please Enter Correct Email Address
Your Privacy Respected
HIPAA Journal Privacy Policy
The review of the account was completed on August 7, 2023, and confirmed the account contained the protected health information of 1,545 patients including names, addresses, email addresses, telephone numbers, dates of birth, and medical information such as medications and diagnoses. That information may have been accessed or acquired during the incident; however, no instances of misuse of patient data have been identified.
The affected individuals have now been notified by mail and credit monitoring and identity theft protection services have been offered. Email security measures have been enhanced and further training on data protection best practices have been provided to all members of the workforce.
Prime Therapeutics/Magellan Rx Management Report Email Account Breach
Prime Therapeutics, a Minnesota-based pharmacy benefit management company serving health plans, employers, and government programs, and the next-generation pharmacy organization, Magellan Rx Management, a Prime Therapeutics company, have experienced a data breach involving the protected health information of 6,050 individuals.
The compromised data was stored in an employee’s mobile email account, which was discovered on July 11, 2023, to have been accessed by an unauthorized individual. The compromised credentials were disabled, the unauthorized individual’s IP address was blacklisted, and a review was conducted to determine what information had been exposed. While evidence of unauthorized data access was not found, the attacker may have been able to view names, addresses, dates of birth, member ID numbers, and medication(s).
Prime Therapeutics said it will continue to review internal procedures for potential improvements to strengthen account security and is evaluating additional safeguards to help prevent similar incidents from reoccurring in the future.
Carthage Area Hospital and Claxton Hepburn Medical Center Dealing with Cyberattack
Carthage Area Hospital and Claxton Hepburn Medical Center in Northern New York experienced a cyberattack on August 31, 2023. The hospitals put their emergency rooms on diversion and appointments were cancelled as a precaution due to IT systems being taken offline.
The FBI, New York State Department of Health, and the Department of Homeland Security were notified about the attack and the government is aware of the threat actor behind the attack but has not disclosed which group was responsible. A statement was issued shortly after the attack confirming that an investigation had been initiated, and at the time it did not appear that patient data had been compromised.
As the investigation progressed, it was discovered that the hackers gained access to a limited amount of patient data. The IT team was able to contain the breach before the attackers gained access to millions of records, according to CEO Rich Duvall. Duval said that the names of 30 patients were leaked, along with phone numbers and the reason they were in hospital.
In a December 2023 update, the hospitals said they have been working with the FBI and have discovered the location of the stolen data. The attackers stored the data on a server belonging to a legitimate company, Wasabi Technologies in Boston, Massachusetts. Wasabi Technologies stores data but it does not check whether the data stored on its servers has been stolen from other companies. The hospitals have now taken legal action to recover the data and separate it from data stolen from other companies. Duvall said most hospital systems have been restored following the attack but there are still some glitches. He also confirmed that no ransom was paid.
