NCH Corporation and Others Announce Data Breaches

Irving, TX-based NCH Corporation, an international marketer of maintenance products, has reported a suspected ransomware attack. Suspicious network activity was detected within its systems on March 5, 2021, “that caused certain systems in its network to become unavailable.”

Steps were taken to block further unauthorized access and restore its systems. The investigation revealed the attackers had access to certain parts of its network between March 2 and March 5, 2021 and during that time there was unauthorized access to certain files stored on its file servers. It was not possible to tell which files had been accessed, so notifications have been sent to all individuals whose information was potentially compromised. The review of the files was completed on June 29, 2021. The files contained the names of certain current and former employees and their dependents, along with Social Security numbers and driver’s license numbers.

Notification letters were sent on July 29, 2021 and affected individuals have been offered complimentary credit monitoring and identity theft protection services.

The breach report submitted to the HHS’ Office for Civil Rights indicates up to 11,427 individuals were affected.

Renaissance Life & Health Insurance Co. Members Affected by Business Associate Ransomware Attack

A vendor used by Renaissance Life & Health Insurance Co. has suffered a ransomware attack in which the protected health information of some of its members was potentially compromised.

Renaissance Life & Health Insurance used Secure Administrative Solutions (SAS) for claims processing services. SAS detected unusual activity within its IT system on April 15, 2021 and immediately launched an investigation. On May 25, 2021, SAS learned that a limited amount of data may have been exfiltrated from its IT systems, including names, addresses, Social Security numbers, and agent license numbers.

The attackers had access to its IT systems between March 15 and April 15, 2021.While SAS did not specify the nature of the attack in its breach notifications, Renaissance Life & Health said ransomware was involved and SAS had received assurances that data exfiltrated in the attack had been destroyed by the attacker, suggesting the ransom may have been paid. SAS said in its notification letter that data were restored from clean backups.

SAS also said it “enforced a system-wide global password reset, implemented more strict password complexity requirements, and provided all users with new personal computers and training on updated network security protocols and procedures.”

The breach report submitted to the HHS’ Office for Civil Rights indicates 4,727 individuals were affected. Credit monitoring and identity theft protection services have been offered to those individuals free of charge for 12 months.

Insider Incident Affects Patients of TGH Urgent Care powered by Fast Track

Synergic Healthcare Solutions has notified 558 individuals about the potential theft of their protected health information by a former employee of Tampa General Urgent Care.

The breach occurred on September 9, 2020 when a former employee of Tampa General Urgent Care is alleged to have photographed patient information at TGH Urgent Care’s facility in Seminole, FL, which is partnered with Tampa General Hospital. The breach was discovered on November 6, 2020.

The former employee has been accused of taking photographs of patients’ driver’s licenses and credit card details. While the former employee is only believed to have taken photographs of the information of 3 patients, the decision was taken to notify all 558 patients whose charts had been accessed by the employee.

All individuals potentially affected have been offered complimentary credit monitoring services. TGH has since re-educated employees about privacy and security and the reporting of potential privacy violations.

Southwest Nebraska Public Health Department Discovers Exposure of COVID-19 Vaccination Information

Southwest Nebraska Public Health Department (SNPHD) has notified 13,500 individuals about the exposure of COVID-19 vaccine information over the Internet.

On May 18, 2021, SNPHD was made aware that data have been exposed on the SNPHD website. The information accessible on the website was limited to name, address, county, date of birth, date of vaccination, vaccination type, race and gender.

SNPHD contacted its web hosting company which confirmed that only one individual had accessed the data. SNPHD confirmed that the individual has worked closely with SNPHD and believes there is no cause for concern related to the file being accessed; however, individuals affected have been notified out of an abundance of caution.

The incident prompted SNPHD to provide its staff with additional training related to HIPAA, privacy, and confidentiality to ensure that an event like this does not occur again.

Author: Steve Alder has many years of experience as a journalist, and comes from a background in market research. He is a specialist on legal and regulatory affairs, and has several years of experience writing about HIPAA. Steve holds a B.Sc. from the University of Liverpool.