RRCA Accounts Management Falls Victim to Play Ransomware Attack
RRCA Accounts Management and Aspen Healthcare Services have confirmed they experienced ransomware attacks that involved unauthorized access to patient data. Pinnacle Claims Management has recently announced that it was affected by a MOVEit hack in May 2023.
RRCA Accounts Management
Last month, the Sterling, IL-based collection agency, RRCA Accounts Management, announced that it had fallen victim to a ransomware attack by the Play ransomware group. The attack occurred on June 6, 2024, and was detected and blocked on June 7, 2024. The forensic investigation confirmed that the majority of files accessed by the Play ransomware group did not include any personal information; however, some personal information provided by its healthcare clients had been stolen. RRCA confirmed in its breach notice that there was a full release of the stolen data by the Play threat group on August 20, 2024.
The personal information stolen in the attack varied from individual to individual and may have included full names, addresses, phone numbers, dates of birth, and email addresses with one or more of the following: Social Security number or taxpayer ID, driver’s license number, passport number, health insurance information, health information (medical record number, places of treatment, physician’s name), payment information (billing and insurance claims, payment card and account numbers), username, IP address, and/or demographic information (gender, religious views, race).
Notification letters have been mailed to the affected individuals and complimentary credit monitoring and identity theft protection services have been offered. RRCA has confirmed that additional organizational, technical, and administrative security measures have been implemented. The breach was recently reported to the HHS’ Office for Civil Rights as affecting 115,837 individuals.
Pinnacle Claims Management
Pinnacle Claims Management, an Irving, CA-based administrator for employers who self-fund their health care benefits, has recently notified the California Attorney General that it was impacted by the mass exploitation of a zero-day vulnerability in Progress Software’s MOVEit file transfer solution in May 2023.
Pinnacle Claims Management only learned that it had been affected on July 23, 2024, 14 months after the breach occurred. Third-party cybersecurity experts were engaged to investigate the breach and that process was completed on October 23, 2024. The individual notification letters sent to the affected individuals state which types of information were involved. Pinnacle Claims Management said it has taken steps to enhance security and prevent similar incidents in the future.
Update: November 28, 2024: Pinnacle Claims Management has issued a press release confirming names, dates of birth, treatment information, and diagnosis information were compromised in the incident, and the breach has been reported to the HHS’ Office for Civil Rights as involving the ePHI of 1,119 individuals.
Aspen Healthcare Services
Aspen Healthcare Services, a Lewisville, TX-based provider of home healthcare and hospice services, has alerted 7,195 individuals about an attempted ransomware attack on its electronic medical record system. The incident was detected on October 23, 2024, and immediate action was taken to secure its systems and prevent further unauthorized access. The forensic investigation confirmed that the threat actor may have accessed sensitive information such as names, dates of birth, addresses, insurance IDs, health records, and potentially Social Security numbers. No financial information was involved. Notification letters have been mailed to the affected individuals and complimentary credit monitoring and identity theft protection services have been offered.


