25% off all training courses Offer ends May 29, 2026
View HIPAA Courses
Learner Login Learner Support
Learner Login Learner Support
25% off all training courses
View HIPAA Courses
Offer ends May 29, 2026

The HIPAA Journal is the leading provider of HIPAA training, news, regulatory updates, and independent compliance advice.

Mobile County Health Department Investigating Potential HIPAA Violation

Posted By on Jun 10, 2025

The Illinois Department of Healthcare and Family Services has experienced a phishing attack, Select Medical Holdings Corporation has confirmed it was affected by a cyberattack on Nationwide Recovery Service, and the Mobile County Health Department is investigating a potential HIPAA violation.

Mobile County Health Department Investigating Potential HIPAA Violation

Another incident has come to light involving livestreaming on social media. In this case, a woman in Alabama livestreamed a phone call in which a patient’s protected health information was disclosed. Shantaya Presley, 32, called the Mobile County Health Department, impersonating a woman seeking medical information. She provided the individual’s name and an incorrect date of birth, and the Health Department worker corrected the date of birth and proceeded to disclose the individual’s protected health information. Presley was livestreaming herself on Facebook Live while making the call, and by doing so, disclosed the woman’s protected health information, resulting in that woman being harassed.

Presley used a false identity to obtain sensitive information and now faces criminal charges for doxing and identity theft. The health department worker appears to have disclosed a patient’s health information without taking reasonable steps to verify the identity of the caller. The Mobile County Health Department identified the video but has not disclosed further details of the investigation, such as if the employee has been sanctioned.

Illinois Department of Healthcare and Family Services Reports Phishing Breach

The Illinois Department of Healthcare and Family Services (HFS) has recently announced a security incident that exposed the protected health information of almost 1,000 patients. On or around February 11, 2025, HFS identified a phishing campaign targeting its employees. The phishing emails impersonated another government department and were sent from a genuine government email account that had been compromised in a previous phishing incident. As such, the phishing emails appeared genuine and came from a trustworthy source.

Get The FREE
HIPAA Compliance Checklist

Immediate Delivery of Checklist Link To Your Email Address

Please Enter Correct Email Address

Your Privacy Respected

HIPAA Journal Privacy Policy

When the phishing threat was identified, all employees were warned about the active phishing campaign, and the malicious link in the emails was blocked; however, one employee had already responded to the email and clicked the link, which required them to enter their username and password. The credentials were captured by the threat actor and used to access the employee’s account.

The account contained emails and documents that included customer names, Social Security numbers, driver’s license/state identification card numbers, financial information related to child support, child support or Medicaid identification and case numbers, and date of birth. The email account has been secured, and further training has been provided to the workforce. The review of the email account has recently been completed, and 933 individuals were confirmed to have been affected, including 564 Illinois residents.

Select Medical Holdings Corporation Affected by Nationwide Recovery Service Data Breach

Select Medical Holdings Corporation, a Pennsylvania-based operator of critical illness recovery hospitals, rehabilitation hospitals, and outpatient rehabilitation clinics, has confirmed that it has been affected by the cyberattack on the debt collection agency, Nationwide Recovery Service (NRS). NRS identified the cyberattack on July 11, 2024, and confirmed unauthorized network access between July 5 and July 11, 2024.

The file review was completed on February 3, 2025.  The compromised data includes names, dates of birth, addresses, provider names, patient account numbers, dates of service, and Social Security numbers, as well as guarantor information.  Select Medical Holdings notified the affected individuals by mail on June 6, 2025. Complimentary credit monitoring services have been made available to the affected individuals. The breach was reported to the Maine Attorney General as affecting 208 Maine residents. It is currently unclear how many individuals from other states have been affected.

Author: Steve Alder is the editor-in-chief of The HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com

x

Is Your Organization HIPAA Compliant?

Find Out With Our Free HIPAA Compliance Checklist

Get Free Checklist