Data Breaches Reported by CCM Health, UnitedHealth Group, St. Mary’s Healthcare System for Children, and California Correctional Health Care Services

Mar 26, 2024 | HIPAA News and Advice

CCM Health Data Breach

CCM Health, based in Montevideo, MN, recently alerted 29,182 persons to a network security incident that affected some of their personal data and medical information. On March 12, 2024, CCM Health’s breach notice mentioned unauthorized access to its system from April 3, 2023, to April 10, 2023. An unauthorized third party potentially accessed and stole files that contained their sensitive data.

A detailed analysis was performed on all files in the breached areas of the network. It was confirmed that the files included full names, birth dates, Social Security numbers, health data, and medical insurance data. The breached health data contained patient account numbers, medical record numbers, prescription details, names of healthcare providers, diagnosis codes, medical diagnoses, types of treatment, locations of treatment, treatment dates, admission and discharge dates, and/or laboratory results data.

The file analysis was done on February 12, 2024. CCM Health has already sent the notification letters to the impacted persons. Single bureau credit monitoring/single bureau credit score/single bureau credit report services were offered to the impacted persons for free.

UHG Discovers Attack Vector Utilized in Change Healthcare Ransomware Attack

UnitedHealth Group (UHG) reported that the cybersecurity companies Palo Alto Networks and Mandiant are helping with the forensic investigation of the ransomware attack on Change Healthcare. UHG has likewise stated that the forensic investigation has revealed the origin of the attack. After determining the preliminary attack vector, UHG found a secure restore point and can now focus on re-establishing the systems that are presently non-functional and begin retrieving information.

At this time, UHG has not publicly disclosed the preliminary attack vector. There were rumors in the days following the attack that two disclosed vulnerabilities present in ConnectWise ScreenConnect had been exploited. The vulnerabilities were identified on February 15, and notifications regarding the vulnerabilities were sent on February 19, a few days before the discovery of the LockBit ransomware attack on Change Healthcare. UHG stated it is going to share more about its investigation and restoration soon. However, it is uncertain if the attack vector will be discussed. Usually, cyberattack victims do not share with the public exactly how the breach occurred.

UHG has mentioned that it has established new instances of its Rx ePrescribing and Rx Connect (Switch) services. It has also begun activating its Rx Connect, Rx Assist, and Rx Edit services, which are currently accessible to clients who have set up direct internet access connections. On March 13, 2024, UHG stated all pharmacy and payment solutions are working and over 99% of pre-incident claim volume is moving.

Orsini Pharmaceutical Services Data Breach Impacts 1,433 Individuals

Orsini Pharmaceutical Services, located in Illinois, has recently found out that there was unauthorized access to the email account of a worker. The breach was noticed on January 10, 2024, and the investigation affirmed that just one email account was breached from January 8 to January 10, 2024. The email account was reviewed to determine the types of information that were compromised, which showed that the protected health information (PHI) of 1,433 people was included in the account, such as names, birth dates, addresses, medical insurance data, medical record numbers, diagnoses, and/or medication data.

Orsini Pharmaceutical Services did not uncover any proof indicating that the attack was planned to get patient information; however, the possibility cannot be excluded. Supplemental safety and technical security steps were applied to safeguard and check its network. The impacted persons were notified and provided with a free one-year membership to a credit monitoring service.

St. Mary’s Healthcare System for Children, Inc. Hacking Incident

St. Mary’s Healthcare System for Children, Inc., located in Bayside, NY, discovered unauthorized activity inside its computer system on or about November 9, 2023. The forensic investigation revealed that files were stolen from its system on the same day as the attack. An evaluation of those files affirmed they included the personal data of 5,650 persons, such as names and Social Security numbers. The healthcare system mailed personal notifications to the affected persons on March 20, 2024, and offered free credit monitoring services for 12 months. A St. Mary’s Healthcare System for Children spokesperson explained that only 254 patients had their PHI viewed. The other people affected were staff, ex-staff, and other persons whose personal data (SSNs, not PHI) were likely viewed.

California Correctional Health Care Services

California Correctional Health Care Services (CCHCS) discovered an impermissible disclosure of personal data. On or about February 26, 2024, a staff member unintentionally emailed a file to an unauthorized individual. The attachment included PHI such as last names, medical data, risk/priority levels, order types/names, CDCR numbers, reasons for visits, and appointment dates.

CCHCS stated the email recipient didn’t open or read the file attachment and CCHCS acquired proof that the attachment was erased and was not disclosed to any other person. The worker involved was given extra privacy awareness and data security awareness training. It is still uncertain how many persons were impacted.
