25% off all training courses Offer ends May 29, 2026
View HIPAA Courses
Learner Login Learner Support
Learner Login Learner Support
25% off all training courses
View HIPAA Courses
Offer ends May 29, 2026

The HIPAA Journal is the leading provider of HIPAA training, news, regulatory updates, and independent compliance advice.

Harbin Clinic: 210,000 Individuals Affected by Nationwide Recovery Service Data Breach

Posted By on May 21, 2025

Harbin Clinic has been affected by a cyberattack on the debt collection agency Nationwide Recovery Service, Gardner Health Services has fallen victim to a cyberattack by the Cl0p group, and Gilead Sciences has reported a data breach at a mailing vendor.

Harbin Clinic, Georgia

Harbin Clinic, a primary healthcare provider with locations throughout Northwest Georgia, Northeast Alabama, and Southeast Tennessee, is one of the latest healthcare providers to confirm that they have been affected by a data breach at the debt recovery vendor, Nationwide Recovery Service (NRS).

Harbin Clinic uses Nationwide Recovery Service for delinquent accounts, services related to bankruptcies, lawsuits, and patient estate matters. In July 2024, NRS identified suspicious activity within its network. The forensic investigation confirmed that there had been unauthorized access to its network between July 5, 2024, and July 11, 2024. During that time, files and folders were copied from its network without authorization. NRS completed the review in February 2025 and informed Harbin Clinic that some of the copied files contained data related to patients and guarantors whose accounts were sent to collections, as well as individuals involved in other legal proceedings.

In March, Harbin Clinic was provided with a list of 210,140 affected individuals and the types of data involved, which included names, addresses, dates of birth, Social Security numbers, financial account information, guarantor information, and medical-related information. When informed about the cyberattack, Harbin Clinic severed NRS’s access to its systems and conducted an investigation, which confirmed there had been no unauthorized access to Harbin Clinic’s systems. Harbin Clinic has chosen to notify the affected individuals and has advised them to remain vigilant for the next 12 to 24 months against identity theft and fraud. When notification letters were issued, Harbin Clinic was unaware of any misuse of patient and guarantor information.

Get The FREE
HIPAA Compliance Checklist

Immediate Delivery of Checklist Link To Your Email Address

Please Enter Correct Email Address

Your Privacy Respected

HIPAA Journal Privacy Policy

The data breach was reported to the HHS’ Office for Civil Rights as involving the protected health information of 176,149 individuals. The Maine Attorney General was informed that the personal information of 210,140 individuals was compromised.

Gardner Health Services, California

Gardner Health Services, a San Jose-based non-profit healthcare provider serving the Santa Clara and San Mateo counties in California, has notified the HHS’ Office for Civil Rights that up to 26,000 patients have had their data stolen in a cyberattack. Gardner Health Services has not uploaded a substitute breach notice to its website at this time, so it is currently unclear what information was stolen in the cyberattack; however, the Cl0p threat group has claimed responsibility for the attack and has added Gardner Health Services to its dark web data leak site.

Cl0p claims to have exfiltrated data and published the data in full on the dark web when its attempts to make contact were ignored. The Cl0p threat group has used ransomware in the past; however, it tends to concentrate on the mass exploitation of vulnerabilities in file transfer solutions and steals sensitive data to extort victims. Most recently, Cl0p exploited vulnerabilities in Cleo file transfer software.

Gilead Sciences, California

Gilead Sciences, a Foster City, California-based biopharmaceutical company, has notified the HHS’ Office for Civil Rights about a recent security incident affecting 12,224 individuals. Gilead Sciences works with a software company called Trusaic, whose software is used for Affordable Care Act compliance. Trusaic used a mailing vendor called Billing Document Specialists (BDS), which mailed 1095-C tax forms on February 7, 2025. The shipping labels included an individual’s name, address, and an 18-digit string that included their Social Security number.  Trusaic identified the mailing error on February 18, 2025, and has been working with BDS to improve security controls to prevent similar incidents in the future.

Author: Steve Alder is the editor-in-chief of The HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com

x

Is Your Organization HIPAA Compliant?

Find Out With Our Free HIPAA Compliance Checklist

Get Free Checklist