Hacking Incidents Announced by Two Texas Health Clinics
A drug and alcohol addiction center and an OB/GYN Medical Center in Texas have notified patients about unauthorized access to some of their protected health information.
Nova Recovery Center Reports Unauthorized Network Access
Nova Recovery LLC (Nova Recovery Center), a drug and alcohol addiction center in Wimberley, Texas, has identified unauthorized access to certain systems hosted on the Nova Recovery network. The intrusion was identified by its IT and Security teams on May 25, 2025. The threat was neutralized, and the breach was investigated to determine if any patient data had been exposed.
On June 17, 2025, Nova Recovery confirmed that business records on its network had been accessed, some of which contained patients’ personal information. Data compromised in the incident includes first, middle, and last names, addresses, dates of birth, Social Security numbers, and financial payment information. Individual notification letters have been mailed to the 7,713 affected individuals, and complimentary credit monitoring services have been offered. The third-party consulting firm hired to investigate the incident is helping to implement additional security measures to prevent similar incidents in the future.
OB/GYN Medical Center Associates Affected by ConnectOnCall Breach
In July 2025, OB/GYN Medical Center Associates in Houston, TX, published a breach notice on its website about a security incident at one of its business associates. ConnectOnCall.com, LLC, provided a voicemail messaging service through May 2024. ConnectOnCall notified OB/GYN Medical Center Associates that an unknown third party had access to certain data within the ConnectOnCall application between February 16, 2024, and May 12, 2024. ConnectOnCall took the compromised application offline while the incident was investigated by cybersecurity experts, and after enhancing security controls, the solution was brought back online.
Get The FREE
HIPAA Compliance Checklist
Immediate Delivery of Checklist Link To Your Email Address
Please Enter Correct Email Address
Your Privacy Respected
HIPAA Journal Privacy Policy
Since being notified about the breach, OB/GYN Medical Center Associates has been reviewing the messages left for the practice via the ConnectOnCall system and has confirmed that patient data may have been accessed. The types of data involved depended on the information disclosed by patients in the messages and may have included names, information about physical conditions, medications, procedures, and other personal and medical information. The review was completed on June 25, 2025, and notification letters were mailed to the 2,132 affected individuals on July 23, 2025.
