
The HIPAA Journal is the leading provider of HIPAA training, news, regulatory updates, and independent compliance advice.

Patient Data Exposed in Cyberattacks on PruittHealth & Easterseals Central Illinois

PruittHealth has notified patients about a November 2023 ransomware attack and has confirmed that patient data was stolen. Easterseals Central Illinois is investigating a cyberattack that exposed patient data, and IACT Health has been affected by a cyberattack on its business associate Advarra.

PruittHealth Confirms Patient Data Was Stolen in November 2023 Ransomware Attack

PruittHealth, a health system with 180 care centers in Florida, Georgia, North Carolina, and South Carolina, has confirmed that patient data was stolen in a November 2023 cyberattack. While the “illegal foreign actors” behind the attack were not named in the breach notice, the NoEscape ransomware group claimed responsibility for the attack and said 1.5TB of data was stolen.

PruittHealth said it took immediate action when the breach was detected to prevent further unauthorized access and engaged a cybersecurity firm to investigate the incident, which confirmed that files had been exfiltrated from its network. The hackers demanded a ransom payment to prevent the release of the stolen data.

PruittHealth said the hackers claimed to have uploaded the stolen data to their dark web blog site on December 7, 2023; however, before the forensic specialists could access the files, the blog site was taken down. It was therefore not possible to verify the hackers’ claim or confirm the patients affected or the data involved. A review was conducted of the compromised file server, which confirmed that it contained patient names, dates of birth, government identification information, demographic information, contact information, home address, Social Security numbers, bank account numbers, health insurance information, and health information.

PruittHealth said it is working on enhancing its privacy and security practices and technical security controls and has advised patients to be wary of scams and remain vigilant for incidents of fraud and identity theft. The breach was reported to the HHS’ Office for Civil Rights as affecting 56,405 patients.

Easterseals Central Illinois Confirms April 2024 Cyberattack

Easterseals Central Illinois, a provider of services to individuals with autism and other disabilities, has fallen victim to a cyberattack that caused network disruption and affected the functionality and availability of its computer systems. The attack was detected on April 1, 2024, and immediate action was taken to secure its systems to prevent further unauthorized access. Third-party cybersecurity specialists were engaged to investigate the incident and determine whether sensitive data was compromised.

It has now been confirmed that the attackers had access to files containing patient data. That information included names, dates of birth, Social Security numbers, and medical information. The investigation into the incident is ongoing; however, the breach has been reported to the HHS’ Office for Civil Rights as affecting 500 individuals – a commonly used placeholder when the actual number of individuals affected has yet to be determined. Easterseals Central Illinois has taken steps to improve security, including deploying industry-leading endpoint security software, transitioning to cloud-based servers, hardening credentials, and adopting multi-factor authentication.

October 2024 Update

In October 2024, Easterseals confirmed in a notification letter to the Maine Attorney General that the breach involved the personal data of 14,855 individuals. The OCR Breach Portal still shows the placeholder figure of 500 individuals. Easterseals has also confirmed that addresses, driver’s license numbers, password numbers, and health information may have been involved for some affected individuals. The finalized list of the affected individuals was obtained on October 7, 2024. In response to the breach, Easterseals has implemented additional security measures which include industry-leading endpoint security software, transitioning to cloud-based servers, credential hardening, and multi-factor authentication. The Rhysida ransomware group claimed responsibility for the attack and demanded a 20 BTC ransom – approximately $1,350,000.

IACT Health Affected by Advarra Cyberattack

IACT Health, a Georgia research institute now called Centricity Research, has notified 676 individuals about a security incident at business associate Advarra that occurred in October 2023. Data was compromised in the attack, including three spreadsheets that contained patients’ names, dates of birth, addresses, and limited medical information. Advarra has implemented additional safeguards to prevent similar incidents in the future, but IACT Health took the decision to terminate its relationship with Advarra.

Author: Steve Alder is the editor-in-chief of The HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com
