Two healthcare networks reported knowledge breaches this week that can affect greater than 1.5 million folks.
Connecticut’s Group Well being Middle Inc. and California’s NorthBay Healthcare Company filed breach notifications with regulators in a number of states warning that breaches final 12 months uncovered troves of affected person knowledge together with healthcare knowledge, monetary data, Social Safety numbers and extra.
Group Well being Middle, which runs dozens of services and clinics throughout Connecticut, mentioned 1,060,936 present and former sufferers had knowledge stolen throughout a cyberattack found on January 2.
“That very same day, we introduced in consultants to research and reinforce the safety of our methods. They discovered {that a} expert prison hacker received into our system and took some knowledge, which could embody your private data,” the corporate mentioned.
“Happily, the prison hacker didn’t delete or lock any of our knowledge, and the prison’s exercise didn’t have an effect on our each day operations. We imagine we stopped the prison hacker’s entry inside hours, and that there is no such thing as a present risk to our methods.”
However the hacker did entry well being information that included names, addresses, telephone numbers, diagnoses, therapy particulars, take a look at outcomes, medical insurance data and Social Safety numbers.
Victims are being supplied two years of identification safety companies and a $1 million insurance coverage reimbursement coverage for many who might face points because of the knowledge breach.
One other regional healthcare system, California-based NorthBay Healthcare, reported its personal knowledge breach impacting 569,012 folks. The nonprofit group runs two hospitals in northern California, a 100-provider major and specialty care medical group, a most cancers heart and different services.
The group informed regulators in Maine that hackers breached their methods final 12 months and had entry from January 11 to April 1.
The cybercriminals gained entry to Social Safety numbers, passport numbers, monetary data, medical knowledge, medical insurance information, bank card and debit card numbers that included expiration dates, safety codes and PIN numbers.
These affected are being given one 12 months of identification safety companies.
The assault on NorthBay Healthcare was claimed by the Embargo ransomware gang in April 2024. The hospital was compelled to show sufferers away and cancel appointments following the ransomware assault.
Recorded Future
Intelligence Cloud.
Be taught extra.
