
The HIPAA Journal is the leading provider of HIPAA training, news, regulatory updates, and independent compliance advice.

Palomar Health Medical Group Investigating Potential Cyberattack

Palomar Health Medical Group in California is investigating a potential cyberattack, Prudential Insurance Company of America and West Idaho Orthopedics and Sports Medicine have experienced ransomware attacks, and patient data has been exposed in a cyberattack on Georgia Institute for Plastic Surgery.

Palomar Health Medical Group Investigating Potential Cyberattack

Palomar Health Medical Group, a provider of primary and specialty care in North San Diego County, CA, is investigating a potential cyberattack after detecting suspicious activity within its computer network. The activity was detected on May 5, 2024, and the affected systems were taken offline to contain any malware.

As a result of breach response processes, the patient portal, phones, and faxes are temporarily unavailable. With most communication systems down, patients have been advised to visit their physicians in person and to expect delays due to the disruption. Third-party cybersecurity specialists have been engaged to investigate the incident and identify the source of the disruption, and systems will be brought back online when it is safe to do so. At this stage of the investigation, it is too early to tell whether patient data has been compromised.

The incident appears to be confined to Palomar Health Medical Group. The Palomar Health Healthcare District, which includes Palomar Medical Center Poway and Palomar Medical Center Escondido, has not been affected.


Prudential Insurance Company of America Notifies 36,000 Individuals About February Ransomware Attack

The Prudential Insurance Company of America has recently reported a HIPAA breach of the personal and protected health information of 36,092 individuals to the HHS’ Office for Civil Rights and state Attorneys General. The incident was first reported in a Securities and Exchange Commission (SEC) filing in February as a hacking incident that resulted in access being gained to administrative user data and employee and contractor accounts. The attack occurred on February 4 and was identified the following day.

Third-party cybersecurity specialists assisted with the investigation and determined that a small percentage of files were exfiltrated from Prudential's network. Prudential said the files included names, addresses, driver’s license numbers, and non-driver identification numbers. Prudential has confirmed that the threat actor no longer has access to the network. Access controls and security protocols are being enhanced, and additional monitoring technologies have been implemented. The affected individuals are being notified by mail and have been offered complimentary credit monitoring and identity theft protection services.

The affected individuals should certainly take advantage of those services. The Blackcat ransomware group claimed responsibility for the attack and added Prudential to its data leak site. The Blackcat group was also responsible for the attack on Change Healthcare, and as that incident demonstrated, stolen data may not be deleted even if the ransom is paid.

The Georgia Institute for Plastic Surgery

The Georgia Institute for Plastic Surgery in Savannah, GA, has notified 8,111 current and former patients that some of their protected health information may have been stolen by an unauthorized individual who gained access to a network server on December 30, 2023. The intrusion was detected on or around February 22, 2024, and a third-party cybersecurity firm confirmed that a remote desktop was used to access the server.

The server contained files that included patients’ full names, addresses, dates of birth, phone numbers, diagnosis codes, procedure codes, and/or patient account numbers. Individual notification letters were mailed to those individuals on April 24, 2024, and they have been advised on steps that they can take to reduce the risk of misuse of their information.

West Idaho Orthopedics and Sports Medicine Affected by Ransomware Attack

West Idaho Orthopedics and Sports Medicine, which operates orthopedic clinics in Meridian, Caldwell, and Fruitland, ID, has announced that it fell victim to a ransomware attack in March. The intrusion was detected on March 15, 2024, and systems were secured to prevent further unauthorized access. The internal investigation confirmed that the attackers exfiltrated files from its network prior to using ransomware, and those files may have contained patient data.

The review of those files revealed that names, dates of birth, addresses, telephone numbers, email addresses, health information, and insurance information had potentially been stolen, and up to 5,000 patients have been affected. The attack has been reported to law enforcement and regulators, and the affected individuals are being notified by mail. West Idaho Orthopedics and Sports Medicine said it is taking steps to improve security to prevent similar incidents in the future.

Author: Steve Alder is the editor-in-chief of The HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com
