Data Breaches Confirmed by Tri-City Healthcare District; TheraCom
Tri-City Healthcare District, which includes Tri-City Medical Center in Oceanside, California, has recently informed the Maine Attorney General about a data breach affecting 108,149 individuals, including 14 Maine residents. Individual notifications were mailed to the affected individuals on October 11, 2024, informing them that unauthorized access to its computer network was identified on November 9, 2023. The forensic investigation confirmed that an unknown third party accessed files on its network on November 8, 2023, and retained access to its network until the following day when the intrusion was detected and blocked.
The review of the affected files was completed on September 27, 2024, and confirmed that the files contained information such as names, addresses, dates of birth, Social Security numbers, medical treatment/diagnosis information, dates of service, health insurance provider names, health insurance claim information, and/or treatment costs. No evidence has been found to indicate any misuse of patient data; however, as a precaution, the affected individuals have been offered complimentary access to Single Bureau Credit Monitoring/Credit Report/Credit Score services. Tri-City Healthcare District said it has implemented additional security measures to minimize the risk of further incidents in the future.
TheraCom, Pennsylvania
The Cencora-owned specialty mail-order pharmacy TheraCom has confirmed that the protected health information of 9,271 individuals was exfiltrated from its IT systems earlier this year. The substitute data breach notice does not state when or for how long its systems were breached, only that the incident was immediately investigated and law enforcement was notified.
A review of the exfiltrated files confirmed they contained information such as first and last names, addresses, dates of birth, prescription information, medical treatment information, medical histories, health insurance information, medical record numbers, and Medicare/Medicaid numbers. While data theft has been confirmed, TheraCom is unaware of any misuse of that information; however, as a precaution, the affected individuals have been offered 24 months of complimentary credit monitoring and identity theft protection services. TheraCom is working with third-party cybersecurity experts to reinforce its information security protocols and system security.
Get The FREE
HIPAA Compliance Checklist
Immediate Delivery of Checklist Link To Your Email Address
Please Enter Correct Email Address
Your Privacy Respected
HIPAA Journal Privacy Policy
