SAC Health Theft Incident and Multiple Ransomware Attacks Reported

Social Action Community Health System (SAC Health) has recently notified 149,940 patients that documents containing their protected health information were stolen in a break-in at an off-site storage location where patient records were stored.

The break-in was discovered on March 4, 2022, with the subsequent investigation confirming on April 22, 2022, that six boxes of paper documents had been stolen from the facility, which included files relating to patients served by SAC Health in 1997 and between 2006 and 2020.

An analysis was conducted to determine which types of information were included in the files and concluded the documents may have contained information such as names, addresses, dates of birth, and diagnosis codes. Notification letters were sent to those individuals on May 3, 2022. SAC Health said it is unaware of any actual or attempted misuse of patient data as a result of the break-in; however, as a precaution against identity theft and fraud, affected individuals have been offered complimentary credit monitoring services. SAC Health said it is conducting a review of its policies and procedures concerning the storage of paper data.

Bryan County Ambulance Authority Ransomware Attack Affects 14,000 Patients

The Bryan County Ambulance Authority in Oklahoma has recently started notifying 14,273 patients about the exposure and potential theft of some of their protected health information. According to the notification letters, the attack was detected on November 24, 2021, when files on its systems were encrypted. Immediate action was taken to prevent further unauthorized access, and third-party cybersecurity consultants were engaged to assist with the forensic investigation.

The breach notice does not indicate what types of information were stolen in the attack but says affected individuals have been offered a complimentary membership to an identity theft protection service. According to the notice, the forensic investigation and document review took until April 7, 2022, hence the delay in issuing notifications to affected individuals.

Lifespan Services Suffers Ransomware Attack

Charlotte, NC-based Lifespan Services, a non-profit provider of services to individuals with disabilities, has recently confirmed it was the victim of a ransomware attack that affected data on its servers. The attack occurred on April 12, 2022, and prompt action was taken to secure its systems.

Lifespan said it was possible to restore all encrypted data within 24 hours of the attack, but the forensic investigation confirmed on May 3, 2022, that the individuals behind the attack had accessed files containing patients’ personal information, including names Social Security numbers, Medicaid numbers, driver’s license numbers, and bank routing numbers.

Lifespan said multiple layers of protection were in place, and additional security measures have now been implemented. A complimentary one-year membership to identity theft protection services has been offered to the 8,006 individuals affected.

Vice Society Claims Responsibility for Ransomware Attack on Atlanta Perinatal Associates

The Vice Society ransomware gang has claimed responsibility for a ransomware attack on Atlanta Perinatal Associates in Georgia. Atlanta Perinatal Associates specializes in treating mothers who have high-risk pregnancies, and coordinates care with other medical providers.

The healthcare provider has not yet confirmed it was a victim of a ransomware attack; however, Vice Society has uploaded data to its leak site that was allegedly stolen in the attack. The data includes names, dates of birth, ID numbers, expected due dates, referring physician names, sonographer names, ultrasound results, drug and alcohol use histories, other health information, and some records include credit card information and health insurance information. According to, which reviewed some of the files, they relate to records created between 2019 and April 2022.

Since the incident has yet to be reported to regulators, it is currently unclear how many patients have been affected.

Author: Steve Alder has many years of experience as a journalist, and comes from a background in market research. He is a specialist on legal and regulatory affairs, and has several years of experience writing about HIPAA. Steve holds a B.Sc. from the University of Liverpool.