Cyberattacks Reported by Independent Case Management & Conifer Health Solutions
Conifer Health Solutions Discovers Email Account Breach
Conifer Health Solutions, a Frisco, TX-based provider of revenue cycle management and other administrative services to healthcare providers, has recently discovered that an unauthorized third-party gained access to a Microsoft Office 365 hosted business email account.
The breach was detected during an internal review, with the subsequent investigation determining the email account was compromised on January 20, 2022. The breach was confined to a single email account, which was separate from its internal network and systems. The review of the email account was conducted between June 13 and August 3 and determined it contained the protected health information of 134,948 individuals, including full names, dates of birth, addresses, Social Security numbers, financial account information, medical and treatment information, health insurance information, and billing and claims information. The breach is known to have affected patients of at least 6 hospitals in Texas.
Steps were immediately taken to prevent further unauthorized access and additional security measures have now been implemented, including multifactor authentication and enhanced monitoring of the email environment. Complimentary credit monitoring and identity protection services have been offered to individuals whose Social Security numbers or financial account information was exposed.
Ransomware Attack Reported by Independent Case Management
Little Rock, AR-based Independent Case Management (ICM), a provider of home and community-based support for individuals with intellectual and developmental disabilities, has recently notified 3,307 individuals that some of their protected health information may have been stolen in a ransomware attack.
Get The FREE
HIPAA Compliance Checklist
Immediate Delivery of Checklist Link To Your Email Address
Please Enter Correct Email Address
Your Privacy Respected
HIPAA Journal Privacy Policy
According to the notification letters, three servers were affected by the attack. The servers were encrypted on December 24, 2021, and a ransom note was dropped on the servers; however, the attack was not detected by ICM until June 15, 2022, as the servers were only used to store historical employee and customer data.
When the attack was detected, a third-party IT vendor was engaged to isolate the servers and perform security scans to ensure that access to the servers was blocked and no other systems or data were affected. The investigation confirmed that only 3 servers were affected, and they contained information such as names, addresses, dates of birth, Social Security numbers, health records, insurance plan and payment information, Medicaid numbers, and medical and health records. Some employee files were also stored on the servers. ICM said it was not possible to determine if specific personal information was accessed, removed, or misused.
ICM said steps have been taken to improve the privacy and security of personal information, including conducting regular security scans, implementing multifactor authentication, improving monitoring systems, and providing additional cybersecurity training to employees.
