Data Breaches Reported by Peerstar, La Red Health Center, Fredericksburg Foot & Ankle Center
Peerstar LLC, a Pennsylvania-based provider of mental health support services, said 11,438 patients have been notified about the exposure and potential theft of their protected health information. Suspicious activity was detected on its network on March 7, 2023, and third-party security experts were engaged to investigate the incident and assess the security of its systems. On May 17, 2023, it was confirmed that an unauthorized third party had access to its systems between February 22, 2023, and March 3, 2023, and protected health information had been exposed. Peerstar said it is unaware of any actual or attempted misuse of patient data.
The types of information exposed varied from individual to individual and may have included the following: first and last name, address, phone number, email address, Social Security number, date of birth, admission date, discharge date, physical or mental health condition, treatment and diagnosis information, driver’s license number or government-issued identification number, financial account number, credit or debit card number, digital signature, birth or marriage certificate, healthcare payment information, and/or health insurance information, including, application and claims history, and policy number or subscriber identification number.
Peerstar has confirmed that additional cybersecurity safeguards are being implemented, employee cybersecurity training has been enhanced, and cybersecurity policies, procedures, and protocols are being improved.
Fredericksburg Foot & Ankle Center Reports April 2023 Data Breach
Fredericksburg Foot & Ankle Center in Fredericksburg, VA, has reported a data breach to the Maine Attorney General that has affected up to 14,912 individuals. In the October 25, 2023, breach notice, the healthcare provider did not disclose when it was first alerted to a potential breach, but said it learned on September 5, 2023, that files were accessed by an unauthorized third party on or around April 21, 2023.
Get The FREE
HIPAA Compliance Checklist
Immediate Delivery of Checklist Link To Your Email Address
Please Enter Correct Email Address
Your Privacy Respected
HIPAA Journal Privacy Policy
The files included patients protected health information including names, other personal identifiers, and Social Security numbers. Affected individuals have been provided with complimentary single bureau credit monitoring services and said it will continue to evaluate and modify its practices and internal controls to enhance the security and privacy of personal information.
La Red Health Center Investigating Cyberattack
La Red Health Center in Georgetown, DE, has recently reported a data breach to the HHS’ Office for Civil Rights that has affected at least 501 individuals. 501 is frequently used as a placeholder to meet breach reporting requirements when the total number of affected individuals has yet to be determined. While the number of affected patients has yet to be confirmed, the breach has been reported to the Maine Attorney General as affecting 35,602 individuals in total.
La Red Health Center said suspicious activity was detected within its network on April 11, 2023. Assisted by third-party security experts, the healthcare provider determined that there had been unauthorized access to its network between March 27, 2023, and April 6, 2023. On August 21, 2023, the affected files were confirmed, and a review was initiated to determine the individuals affected and to obtain up-to-date contact information. The website breach notice does not state what information was compromised in the attack.
