Ransomware Attacks Reported by Foursquare Healthcare and Hi-School Pharmacy
Foursquare Healthcare Ltd, a Rockwall, TX-based operator of short-term rehabilitation, skilled nursing, and long-term nursing care facilities has recently confirmed it experienced a ransomware attack in September. The ransomware attack was detected on September 27, 2023, and the forensic investigation confirmed the attackers accessed its network between September 27, 2023, and September 29, 2023, and acquired certain files that contained employee and patient information. The information in the files varied from individual to individual and included names along with one or more of the following: address, billing information, Social Security number, banking information, and clinical information regarding care received at its clinics.
The attack did not cause any material disruption to Foursquare care or services and no evidence has been found to indicate that any of the stolen data has been misused for identity theft or fraud. Foursquare said it has received assurances that all of the stolen data has been deleted. That usually, but not always, means the ransom was paid. Foursquare said it believes the incident has been contained and it will continue to monitor its systems for unauthorized activity.
The breach has recently been reported to the HHS’ Office for Civil Rights as involving the protected health information of 10,890 patients. Foursquare has offered the affected individuals two years of complimentary credit monitoring and identity theft protection services and while assurances were provided that the stolen data has been deleted, Foursquare encourages the affected patients and employees to be vigilant against identity theft and fraud.
Hi-School Pharmacy Suffers Ransomware Attack
The Vancouver, WA-based drug store chain, Hi-School Pharmacy, has recently notified the Maine Attorney General about a data breach that has affected 17,676 individuals. On November 3, 2023, Hi-School Pharmacy experienced a cyberattack that caused network disruption. The forensic investigation confirmed on November 21, 2023, that the attackers had access to parts of the network that contained protected health information including names and Social Security numbers. Notification letters were sent to the affected individuals on November 5, 2023. Credit monitoring and identity theft protection services have been offered to the affected individuals.
Get The FREE
HIPAA Compliance Checklist
Immediate Delivery of Checklist Link To Your Email Address
Please Enter Correct Email Address
Your Privacy Respected
HIPAA Journal Privacy Policy