Veradigm Announces Data Breach Affecting Several Customers
On September 22, 2025, Veradigm, a Chicago, Illinois-based provider of practice management and electronic health record solutions to healthcare providers (formerly Allscripts), started issuing notification letters about a July 2025 security incident that involved unauthorized access to customer data. On July 1, 2025, Veradigm learned that an unauthorized third party had accessed one of its storage locations. Steps were immediately taken to block the unauthorized access, law enforcement was notified, and third-party digital forensics and cybersecurity experts were engaged to investigate the activity and mitigate any impact of the unauthorized access. The investigation determined that a data security incident at one of its customers resulted in credential theft that allowed access to a Veradigm storage account. The attacker used the credentials to access the storage account on or around December 2024. Veradigm learned about the unauthorized access through a third party that was investigating its customer’s security incident. The data breach was limited to the storage account,...
Security Researcher Identifies Exposed 150,000-record Home Health Care Database
Cybersecurity researcher Jeremiah Fowler has found an exposed 23.7 GB database containing more than 145,000 files, such as PDFs, PNGs, and other image files. The database has been linked to the California home health and palliative care provider, Archer Health. Fowler analyzed a sample of the files and identified patient names, contact information, Social Security numbers, and patient ID numbers. The files included medical documents such as discharge summaries, which included health information such as conditions, diagnoses, admission and discharge dates, treatment information, care plan information, as well as assessments and home health certifications. Many of the image files were screenshots of healthcare management software that showed active dashboards, logging, tracking, and scheduling details. Some of the folder names included patients’ first and last names – a bad security practice. As Fowler pointed out, personally identifiable information such as patient names can easily be exposed through error or monitoring logs. Fowler was able to link the database to Archer Health and...
Bayhealth Medical Center Agrees to Settle 2024 Data Breach Lawsuit
Bayhealth Medical Center in Dover, Delaware, has agreed to settle a proposed class action lawsuit stemming from a 2024 ransomware attack. The attack was detected on July 31, 2024, when suspicious activity was observed within its computer network. The forensic investigation determined that the threat actor had access to its systems from July 27 to July 31, 2024, and that files were exfiltrated during the attack. The data breach was reported to the HHS’ Office for Civil Rights on October 14, 2024, as involving the electronic protected health information of 497,047 individuals. The stolen files contained patients’ names, medical information, and Social Security numbers. The Rhysida ransomware group claimed responsibility for the attack and uploaded samples of the stolen data to its dark web data leak site, including identification documents, Social Security numbers, contact information, and other sensitive patient data. Rhysida is a ransomware-as-a-service group that has been in operation since at least 2023. The group engages in double extortion tactics, demanding payment for the...
Cyber Insurance Claims Fall But Ransomware Losses Increase
There’s good and bad news on the ransomware front. Attacks are down year-over-year; however, successful attacks are proving even costlier to mitigate, according to the Mid-Year Risk Report from the cyber risk management company Resilience. The company saw a 53% reduction in cyber insurance claims in the first half of the year, which indicates organizations are getting better at preventing attacks; however, when ransomware attacks succeed, they have been causing increased financial harm, with losses 17% year-over-year. While ransomware accounted for just 9.6% of claims in H1, 2025, ransomware attacks accounted for 91% of incurred losses. On average, a successful ransomware attack causes $1.18 million in damages, up from $1.01 million in 2024, and the cost is even higher in healthcare. Resilience’s healthcare clients suffered average losses of $1.3 million in 2024, and in the first half of 2025, some healthcare providers faced extortion demands as high as $4 million. While it is too early to tell what the severity of claims will be in 2025 until claims are settled, Resilience said...
LCMC Health Agrees to Settle Lawsuit Over Tracking Code on Patient Portal
LCMC Health Holdings and Louisiana Children’s Medical Center have agreed to settle a lawsuit that alleged that tracking code added to its website and patient portal transmitted sensitive patient information to Facebook, Google, and others without patients’ knowledge or consent. According to the lawsuit, Pebbles Martin v. LCMC Health Holdings, Inc. and Louisiana Children’s Medical Center, LCMC Health added Meta Pixel and other tracking tools to its website and patient portal, which tracked, recorded, and disclosed patients’ personal health information to Facebook, Google, and other third parties. The tools were able to track various metrics, including the pages visited, the buttons clicked, and specific information input into the website. The lawsuit alleged that the data transmitted by the tracking tools was used to serve website visitors with targeted advertisements and gain an intimate personal profile of patients without their knowledge or consent. LCMC Health is one of many healthcare providers to add Meta Pixel and other tracking tools to their websites and patient portals....



