Cyberattack on SuperCare Health Impacts 318,000 Patients
SuperCare Health located in Downey, CA, a provider of post-acute, in-home respiratory care services in the Western United States, has lately commenced informing 318,379 patients regarding the compromise and likely access by unauthorized individuals to some of their protected health information (PHI) due to a cyberattack that took place in July 2021.
SuperCare Health mentioned in its March 25, 2022 breach notice that it found unauthorized activity in its IT networks on July 27, 2021. It quickly took steps to protect its network and block further unauthorized access. Third-party cybersecurity professionals looked into the nature and extent of the breach.
The investigation established that unauthorized persons got access to segments of its system from July 23, 2021 to July 27, 2021. It was probable that the hackers accessed files on the network that included the PHI of patients. A detailed analysis of the contents of the files was done, which confirmed on February 4, 2022, that they comprised the following sensitive patient information: names, dates of birth, addresses, hospital/medical group, medical record numbers, patient account numbers, medical insurance data, claims details, test/diagnostic/treatment details, and other health-associated data. Some persons additionally had their Social Security numbers and/or driver’s license numbers compromised.
SuperCare Health stated that due to the security breach, it assessed its security measures and put in place supplemental security procedures to better secure the personal data and PHI of patients.
SuperCare Health is providing affected individuals a free membership to an identity theft protection service, including dark web monitoring, credit monitoring, and an identity theft reimbursement insurance coverage.
Englewood Health Alerts 3,900 Patients Concerning PHI Compromise
Englewood Health, an acute care 289-bed teaching hospital based in Englewood, NJ, has just announced a security breach involving the PHI of 3,901 persons. On February 14, 2022, Englewood Health found out that the username and password of a worker were exposed, which permitted an unauthorized person to acquire access to patient names, birth dates, and limited health data. Englewood Health mentioned the unauthorized actor acquired access to patient data for just 40 minutes prior to the detection and blocking of intrusion.
As a result of the breach, Englewood Health has enhanced its administrative, physical, and technical system controls. Patients were already alerted through the mail and though just a limited amount of information was breached, free credit monitoring services were given to impacted individuals.