Data Breaches Announced by Alameda Health System, Capsule Pharmacy and AON

by | Jun 9, 2022 | Compliance News

Alameda Health System located in California, Capsule pharmacy based in New York, and Aon PLC located in Illinois recently reported data breaches that affected a total of 56,290 persons.

90,000 Alameda Health System Patients Informed Concerning PHI Breach

Alameda Health System based in Oakland, CA has just submitted a data breach report to the Department of Health and Human Services’ Office for Civil Rights stating that about 90,000 people were impacted. There are minimal facts given to date about the cause of the breach. Alameda Health System mentioned that there was suspicious activity detected in a number of workers’ email accounts. The succeeding investigation confirmed that an unauthorized third party viewed a number of worker email accounts.

The assessment of those email accounts affirmed they included the protected health information (PHI) of patients. Nevertheless, it is unknown how many patient data was compromised. As per Alameda Health System, there is no proof identified that indicates the viewing or removal of any information in the accounts. The provider will distribute the notification letters to affected people soon and will employ measures to boost security and minimize harm to individuals.

27,486 People Impacted by Capsule Pharmacy Breach

A NY digital pharmacy Capsule Pharmacy has begun informing 27,486 persons that their PHI was compromised in a new cyberattack. As per the breach notice submitted to the California Attorney General, unauthorized people acquired access to selected Capsule accounts last April 5, 2022.

The drugstore discovered the data breach on the same day and carried out a password reset on all impacted accounts. A third-party digital forensics agency helped with the investigation and confirmed that these types of records were possibly exposed: demographic details like names, telephone numbers, email addresses, physical addresses, sex, and dates of birth, health data like medical disorders and prescribed drugs, past order records, insurance data, chat communications to and from Capsule agents, and credit card last 4 digits numbers along with expiry dates.

Capsule stated that added security measures are being executed. Even though a password reset was executed on all affected accounts, Capsule is instructing users to set new passwords for their different accounts. Make sure that the passwords are complicated or passphrases that aren’t quick to guess, and never use old passwords once again. This implies the security breach was likely a password spraying attack.

PHI of Over 28,700 Persons Likely Exposed in AON PLC Cyberattack

Business associate Aon PLC located in Chicago, IL offers financial risk-mitigation solutions, which include insurance and medical insurance plans. The company lately announced that it encountered a cyberattack. AON PLC identified the security breach on February 25, 2022, and the forensic investigation affirmed that an unauthorized third party obtained access to a number of Aon systems several times between December 29, 2020, and February 26, 2022, and that selected documents including individuals’ PHI were extracted from its systems.

AON explained it has undertaken steps to verify that the stolen data is not with the third party. There are no hints that the extracted data was further duplicated, kept, or shared. There is no explanation to surmise that any information was or will be misused. The impacted data just comprised names, Social Security numbers, driver’s license numbers, and, for some persons, benefit enrolment details. AON claimed it sent the incident report to the FBI and other law enforcement regulators, and it has done something to further boost security.

3 Steps To HIPAA Compliance

Step 1 : Download Checklist.

Step 2 : Review Your Business

Step 3 : Get Compliant!

Our HIPAA compliance checklist will outline everything your organization needs to become fully HIPAA compliant. Fill in the form below to download it now.

View our privacy policy