25% off all training courses Offer ends May 29, 2026
View HIPAA Courses
Learner Login Learner Support
Learner Login Learner Support
25% off all training courses
View HIPAA Courses
Offer ends May 29, 2026

The HIPAA Journal is the leading provider of HIPAA training, news, regulatory updates, and independent compliance advice.

Richland County, WI Notifies 76,000 Individuals About October 2023 Cyberattack

Posted By on Sep 18, 2024

Richland County in Wisconsin has started notifying 76,365 individuals that some of their protected health information was exposed in a September 2023 cyberattack. According to the substitute breach notification, Richland County identified unauthorized access to its network on or around October 4, 2023. After securing its systems to prevent further unauthorized access, an investigation was launched to determine the nature and scope of the unauthorized activity.

The forensic investigation confirmed that there had been unauthorized access to its internal systems from September 28, 2024, to October 26, 2023, and during that time, files may have been accessed and/or acquired by an unauthorized individual. Based on the information disclosed in its website notice, it would appear that unauthorized access continued for 22 days after the breach was detected.

The review of the affected files has taken around 10 months to complete. On August 1, 2024, Richland County confirmed that the impacted files included personal and protected health information. The types of data involved varied from individual to individual and may have included names in combination with one or more of the following: address, phone number, fax number, email address, date of death, date of birth, Social Security number, tax identification number, driver’s license or government identification number, passport number, financial account information, financial account PIN/Security Code, routing number, payment card number, payment card expiration date/CVV/Security code, username and password, license plate number, VIN number, medical information, health insurance information, prescription information and/or biometric information.

While there may have been data theft, no evidence has been identified to indicate any of the impacted data has been used for identity theft or financial fraud. The affected individuals have been notified and advised of steps they can take to reduce the risk of misuse of their data. Complimentary credit monitoring and identity theft protection services do not appear to have been offered to the affected individuals.

Get The FREE
HIPAA Compliance Checklist

Immediate Delivery of Checklist Link To Your Email Address

Please Enter Correct Email Address

Your Privacy Respected

HIPAA Journal Privacy Policy

Author: Steve Alder is the editor-in-chief of The HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com

x

Is Your Organization HIPAA Compliant?

Find Out With Our Free HIPAA Compliance Checklist

Get Free Checklist