Email Accounts Compromised at LifeBridge Health
LifeBridge Health has discovered unauthorized access to employee email accounts. Effortless Office Enterprises has suffered a cyberattack, and Han Van Duong, M.D. has experienced a break-in and theft of laptop computers containing patient data.
LifeBridge Health
LifeBridge Health in Maryland has discovered unauthorized access to several employee email accounts. The breach was detected on November 12, 2024, and the forensic investigation determined that the email accounts had been compromised between August 27, 2024, and September 21, 2024. The breach was limited to email accounts, with no other systems affected. File attachments and emails in the account were reviewed and found to contain patient information.
The types of information involved varied from individual to individual and may have included names plus one or more of the following: dates of birth, dates of service, Social Security numbers, medical record numbers, health insurance claim numbers, and limited treatment information. Individual notifications were mailed to the affected individuals on January 10, 2025, and complimentary credit monitoring services have been offered.
LifeBridge Health said it will continue to provide privacy and cybersecurity training to its workforce and is looking to enhance email security. The breach has been reported to regulators but is not yet shown on the HHS’ Office for Civil Rights breach portal, so it is currently unclear how many individuals have been affected. LifeBridge Health said the breach did not affect all patients.
Get The FREE
HIPAA Compliance Checklist
Immediate Delivery of Checklist Link To Your Email Address
Please Enter Correct Email Address
Your Privacy Respected
HIPAA Journal Privacy Policy
Effortless Office Enterprises
Effortless Office Enterprises, LLC, a provider of IT and cloud computing services, has experienced a cyberattack that disrupted the operability of its computer network. The attack was detected on July 16, 2024, and immediate action was taken to contain the incident and recover its systems. Assisted by third-party digital forensics specialists, it was confirmed that the personal information of current and former employees, residents, and/or associated parties was potentially accessed and obtained in the incident.
A programmatic and manual review was conducted to determine the individuals affected and the types of data involved, and that process was completed on November 6, 2024. Information potentially compromised in the incident included names, dates of birth, health insurance information, provider information, treatment and/or diagnosis information, treatment dates, lab or test results, patient account and/or medical record numbers, Medicare/Medicaid information, driver’s license or state identification card numbers, and/or Social Security numbers. Individual notification letters were mailed on December 20, 2024, and the breach was reported to the HHS’ Office for Civil Rights as involving the protected health information of 3,112 individuals.
Han Van Duong, M.D.
The office of the Rosemead, CA-based internal medicine specialist, Han Van Duong, M.D., was broken into in the early hours of October 17, 2024. The burglar(s) appeared to be looking for money and took small valuable items, including three password-protected laptop computers. The burglar(s) does not appear to have been interested in medical equipment or patient files.
The laptop computers contained patients’ electronic protected health information, including patient names, visit notes, forms, lab/image reports, and/or other medical paperwork, along with some Social Security numbers. Complimentary credit monitoring services have been offered to individuals whose Social Security numbers were exposed. New locks, security lights, and cameras have been fitted to deter further break-ins. The breach has been reported to HHS’ Office for Civil Rights as involving the protected health information of 1,571 patients.
