Elitecare Emergency Hospital Confirms 24,750-Record Data Breach
Data breaches have recently been reported by Elitecare Emergency Hospital in Texas, Welcome Health in California, and Maryville Academy in Illinois.
Elitecare Emergency Hospital, Texas
Elitecare Emergency Hospital in League City, TX, has notified 24,754 patients about a recent cybersecurity incident. Suspicious activity was detected within its network on July 10, 2024. Systems were turned off to prevent any further impact and third-party cybersecurity experts were engaged to investigate the breach. On July 17, 2024, it was confirmed that an unauthorized individual had accessed patients’ protected health information.
It was not possible to determine the exact types of data that were accessed for each individual; however, the breach involved data such as names, addresses, dates of birth, phone numbers, and email addresses along with one or more of the following: health insurance information, Medicare/Medicaid numbers, medical record numbers, provider names, diagnoses, medications, test results, treatment information, billing and claims information, Social Security numbers, and/or driver’s license numbers/government state IDs.
Elitecare Emergency Hospital has engaged experts to monitor the dark web and Internet for any publication of the affected data, and at the time of issuing notifications, there were no indications that any of the affected data had been published. Policies have been reinforced and additional technical safeguards have been implemented to reduce the risk of similar incidents in the future. Elitecare Emergency Hospital has offered the affected individuals complimentary credit monitoring and identity theft protection services for 2 years.
Get The FREE
HIPAA Compliance Checklist
Immediate Delivery of Checklist Link To Your Email Address
Please Enter Correct Email Address
Your Privacy Respected
HIPAA Journal Privacy Policy
Welcome Health, California
The Whittier, CA-based primary care provider Welcome Health has identified unauthorized access to an employee’s email account. The unauthorized access was detected on July 8, 2024, as a result of the employee’s credentials being compromised. The investigation confirmed that the email account had been accessed by an unauthorized individual between June 11, 2024, and July 8, 2024.
The account was reviewed, and it was confirmed that patient and contractor information had been exposed. For patients, the exposed information included first and last names, dates of birth, patient numbers, health plan member numbers, claim numbers, dates of service, and diagnosis and treatment information. Contractors had their first and last names, Social Security numbers, and/or tax identification numbers exposed.
In response to the breach, relevant policies and procedures have been reinforced and targeted security awareness training has been provided to the workforce. The affected individuals have been offered complimentary credit monitoring and identity theft protection services for 24 months. The breach was recently reported to the HHS’ Office for Civil Rights as affecting 597 individuals.
Maryville Academy, Illinois
Maryville Academy, a Des Plaines, IL-based childcare agency, has experienced a data security incident that involved unauthorized access to systems containing sensitive personal information. The breach was detected on July 15, 2024, and immediate action was taken to secure its systems and prevent further unauthorized access.
Third-party cybersecurity experts were engaged to investigate the incident and confirmed that the parts of the network that were accessed included documents that contained information such as names, addresses, Social Security numbers, passport numbers, other government IDs, and medical information, including diagnoses, treatment information, and medical histories.
Maryville Academy said it has enhanced its endpoint monitoring software, changed passwords, and implemented additional security controls. The breach was recently reported to the HHS’ Office for Civil Rights as affecting 500 individuals.
