Prominence Health Plan Data Breach Impacts up to 45,000 Individuals Associates
Jun23

Prominence Health Plan Data Breach Impacts up to 45,000 Individuals Associates

The Nevada health insurer Prominence Health Plan has announced it suffered a security breach on November 30, 2020 in which hackers potentially obtained the protected health information of some of its plan members. The data breach was discovered on April 22, 2021 and steps were immediately taken to prevent further unauthorized access, including changing the credentials used by the attacker to gain access to its network. While Prominence Health Plan has not confirmed whether this was a ransomware attack, all affected plan member data has been restored from backups. The incident involved audio recordings of phone calls to the Prominence call center along with PDF files that included provider claim forms and letters to patients advising them about claim approvals and denials. The audio files typically included full names, dates of birth, and member ID numbers, while the PDF files contained a member’s name, date of birth, sex, member ID number, mailing address, and claim code. The files included PHI of individuals who had been members between 2010 and 2020. Approximately 45,000...

Read More
San Juan Regional Medical Center Data Breach Affects 68,792 Patients
Jun23

San Juan Regional Medical Center Data Breach Affects 68,792 Patients

San Juan Regional Medical Center has recently notified tens of thousands of its patients about a security breach that occurred in the fall of 2020. The Farmington, NM medical center discovered its network had been accessed by an unauthorized individual on September 8, 2020. Prompt action was taken to prevent further unauthorized access and an investigation was launched to determine the nature and extent of the breach. The forensic investigation revealed the attacker exfiltrated files between September 7th and 8th, with a manual review of those files confirming they contained the protected health information of 68,792 patients. The types of information in the files varied from patient to patient and included names in combination with one or more of the following date elements: Dates of birth, Social Security numbers, driver’s license numbers, passport information, financial account numbers, health insurance information, diagnoses, treatment information, medical record numbers, and patient account numbers. While data theft was confirmed, no evidence has been found to indicate any of...

Read More
Bipartisan Group of Senators Introduce Federal Data Breach Notification Bill
Jun22

Bipartisan Group of Senators Introduce Federal Data Breach Notification Bill

A bipartisan group of senators has introduced a federal data breach notification bill – the Cyber Incident Notification Act of 2021 – that requires all federal agencies, contractors, and businesses that have oversight over critical infrastructure to report significant cyber threats to the Cybersecurity and Infrastructure Security Agency (CISA) within 24 hours of discovery. The draft bill was introduced by Senators Mark Warner (D-VA), Marco Rubio (R-FL), and Susan Collins (R-ME) but has yet to be formally introduced in the Senate. The bill seeks to address many of the issues that have been identified following recent cyberattacks that have impacted critical infrastructure, such as the SolarWinds Orion supply chain attack and the ransomware attacks on JBS and Colonial Pipeline. The purpose of the new bill is to ensure timely federal government awareness of cyber intrusions that pose a threat to national security, which will enable the development of a common operating picture of national-level cyber threats. Entities discovering cyber threats will be required to provide...

Read More
NIST Releases Draft Guidance for Ransomware Risk Management
Jun22

NIST Releases Draft Guidance for Ransomware Risk Management

The National Institute of Standards and Technology (NIST) has released a draft Cybersecurity Framework Profile for Ransomware Risk Management to help organizations prevent, respond and recover from ransomware attacks. The Ransomware Profile is intended to be used by organizations that have adopted the NIST Cybersecurity Framework and want to improve their risk postures or any organization that has not yet adopted the Framework but wants to implement a risk management framework to meet ransomware threats. The Ransomware Profile can be used to identify and prioritize opportunities for improving their ransomware resistance. The Ransomware Profile includes a series of steps that should be taken to prevent ransomware attacks and effectively manage ransomware risk. It should be used in conjunction with the NIST Cybersecurity Framework, other NIST guidance, and guidance issued by the Federal Bureau of Investigation and Department of Homeland Security. The Ransomware Profile outlines basic measures that can be implemented to improve defenses against ransomware attacks. These include the...

Read More
South Texas Health System and Atricure Report Email Incidents
Jun21

South Texas Health System and Atricure Report Email Incidents

South Texas Health System has notified 6,761 about an accidental disclosure of some of their protected health information. South Texas Health System provides discharge instructions after patients receive medical care in its hospitals. Part of that process involves an employee generating and emailing a monthly report that identifies patients that have been discharged from its hospital emergency departments. South Texas Health System discovered on April 8, 2021 that an email with an attached November 2020 report was sent to an incorrect email address on April 7. Steps were taken to try to identify the recipient and get the email deleted, but that individual remains unknown and it is unclear whether the email has been opened, viewed, or deleted. The email attachment contained a list of patients discharged from its hospital emergency departments in November 2020, which included names, internal hospital visit numbers, date and time of discharge, whether discharge instructions were provided, and information about where the patients were discharged. The nature of the data in the report...

Read More