Email Breaches Reported by SkinCure Oncology & the Wisconsin Department of Health Services
SkinCure Oncology has notified 13,434 patients about an email attack that occurred in June 2023, and the Wisconsin Department of Health Services has announced a breach of the personal information of 19,150 Medicaid recipients.
SkinCure Oncology
SkinCure Oncology in Burr Ridge, IL, has issued individual notifications to 13,434 patients whose protected health information was compromised in an email breach that occurred more than a year ago. According to the substitute breach notice, the investigation confirmed that multiple email accounts were accessed by an unauthorized third party between June 23 and June 25, 2023.
A comprehensive review was conducted to identify the files in the email accounts, and on December 6, 2023, it was confirmed that protected health information was present in emails and email attachments. SkinCure Oncology believes files in those email accounts were viewed and potentially obtained in the attack. The exposed information varied from individual to individual and may have included names, birth dates, medical record numbers, medical histories, and health insurance information. A limited number of patients had their Social Security numbers, driver’s license numbers, financial account information, and/or credit card information exposed.
The delay in issuing individual notifications was due to the time it took for SkinCure Oncology and its practice partners to locate up-to-date address information. The substitute breach notice makes no mention of complimentary credit monitoring and identity theft protection services, only that patients should be vigilant against identity theft and fraud. Further information can be contained by calling SkinCure Oncology’s helpline – (866) 528-8844. The helpline is manned Monday to Friday from 8:00 a.m. to 5:30 p.m. Central Time.
Get The FREE
HIPAA Compliance Checklist
Immediate Delivery of Checklist Link To Your Email Address
Please Enter Correct Email Address
Your Privacy Respected
HIPAA Journal Privacy Policy
Wisconsin Department of Health Services
Wisconsin Department of Health Services has reported a HIPAA compliance breach of the protected health information of up to 19,150 Medicaid recipients. The breach occurred at one of its partner organizations, Disability Rights Wisconsin, which discovered an unauthorized third party had gained access to an employee email account. It is unclear from the announcement when the breach occurred and when it was discovered.
Notification letters were sent to the affected individuals on June 21, 2024, and they were advised about the data that was exposed. Complimentary credit monitoring services have been offered to the affected individuals for 12 months and a helpline – 888-733-3814 – has been set up for individuals seeking further information. The helpline is manned Monday to Friday, from 8:00 a.m. to 8 p.m. Central Time.
