Alera Group Notifies 155K Individuals About July 2024 Hacking Incident
Alera Group has notified more than 155,000 individuals about a July 2024 hacking incident. Data breaches have also been announced by The Good Samaritan Health Center of Cobb and Western Montana Clinic.
Alera Group Notifies Individuals About July 2024 Hacking Incident
Alera Group, Inc., a provider of risk management, insurance, and financial services, has notified 155,567 individuals about the potential theft of some of their protected health information. The incident was first announced on May 21, 2025, and has recently been reported to the HHS’ Office for Civil Rights.
Suspicious network activity was detected in August 2024, and the forensic investigation confirmed unauthorized access to its network between July 19, 2024, and August 4, 2024. During that time, sensitive data may have been copied. A file review was initiated to determine the types of data involved and the individuals affected, and that process was completed on April 28, 2025.
Alera Group has confirmed that the data related to employees and certain clients, business partners, and providers. That information included names, addresses, demographic information, dates of birth, birth/marriage certificates, Social Security numbers, driver’s licenses, financial account/credit card information, passports, other government-issued IDs (such as state IDs, military IDs, tribal IDs or taxpayer identification numbers), medical information (such as medical histories, diagnosis information, medications, and treatment/testing information), medical record numbers, insurance/claims data (potentially including health insurance information and Medicare/Medicaid IDs), electronic/digital signatures, biometric information, and username/password information. Alera Group has implemented additional cybersecurity measures to reduce the risk of similar incidents in the future.
Get The FREE
HIPAA Compliance Checklist
Immediate Delivery of Checklist Link To Your Email Address
Please Enter Correct Email Address
Your Privacy Respected
HIPAA Journal Privacy Policy
The Good Samaritan Health Center of Cobb Announces Hacking Incident
The Good Samaritan Health Center of Cobb, in Marietta, Georgia, a provider of healthcare services to underserved and uninsured individuals, has disclosed a cybersecurity incident via its legal counsel. On or around November 4, 2024, suspicious activity was identified in its computer systems. A third-party cybersecurity firm was engaged to investigate the activity and confirmed unauthorized network access by an unknown third party, who may have viewed or acquired patient information. That third party appears to be the Qilin ransomware group, which claimed responsibility for the attack on its dark web data leak site.
The file review confirmed that the exposed data included full names, Social Security numbers, financial information, driver’s license or state identification information, medical information, and health insurance information. No reports have been received to date to indicate any misuse of that information; however, as a precaution, the affected individuals have been offered complimentary credit monitoring and identity theft protection services.
Several steps have been taken since the incident to improve security, including implementing encryption, password changes, and new technical safeguards. A new Security Rule risk analysis has been conducted, and a risk management plan has been implemented. The Good Samaritan Health Center will also be conducting periodic technical and non-technical evaluations of its security measures. There is no listing on the HHS’ Office for Civil Rights breach portal at present, so it is currently unclear how many individuals have been affected.
Western Montana Clinic Targeted in Phishing Campaign
Western Montana Clinic in Missoula has notified 8,255 patients that some of their personal and protected health information has been exposed in a security incident. Employees were targeted in a phishing campaign, and several employees responded and disclosed their login credentials, allowing unauthorized access to their accounts between March 11, 2025, and April 15, 2025.
The main purpose of the campaign was to change bank account information to divert payments to the attacker’s account, rather than to obtain patient information; however, data theft could not be ruled out. The incident was confined to email accounts, which were found to contain names, contact information, dates of birth, treating physician names, internal identification numbers, dates of service, diagnostic information, treatment information, medications, and for a small subset of patients, Social Security numbers. Western Montana Clinic said it will review email security and will continue to provide security awareness training to the workforce to help employees recognize and avoid phishing emails.
