535,489 Patients’ Data Compromised in Texas ENT Breach

A hacker extracted the protected health information (PHI) of 535,489 patients from Texas ENT Specialists in August 2021. Although the Texas ENT breach occurred in August, it was not listed on the Office for Civil Rights portal until December 2021. Details of Texas ENT Breach Officials at Texas ENT Specialists first learned of the incident on October 19, 2021. The investigation revealed [...]

2023-04-06T14:00:28-04:00January 3rd, 2022|

2021 Cost of Healthcare Data Breach Average Balloons to $9.3 Million

The 2021 cost of healthcare data breaches soared to an average of $9.3 million per occurrence, according to a report released by IBM Security –  a 29.5 percent increase over 2020’s average of $7.13 million. The average percentage increase of healthcare data breaches was nearly three times higher and nearly twice as costly as the global industry average. The report found that the average cost of a data [...]

2023-04-06T14:00:31-04:00December 28th, 2021|

Canada Nabs Suspect in Alaska HIPAA Breach

Ontario Provincial Police (OPP) in Canada have arrested a man believed to be responsible for an Alaska HIPAA breach in April 2018 that resulted in the possible exposure of approximately 700,000 individuals' protected health information. Following a 23-month investigation, Matthew Philbert, 31, was arrested on November 30, 2020, and charged with fraud, unauthorized use of a computer, and "possession of device to [...]

2023-04-06T14:00:31-04:00December 27th, 2021|

Hackensack Cancer Center Settles HIPAA Violations With New Jersey Attorney General

In December of 2021, the New Jersey Attorney General’s Division of Consumer Affairs, Office of Consumer Protection, settled a HIPAA enforcement action that it brought against Regional Cancer Care Associates (RCCA). RCCA is based in Hackensack, New Jersey, and has over 30 locations throughout New Jersey, Connecticut, Maryland, and the Washington DC area. RCCA treats cancer patients as well as patients with blood disorders. RCCA fell victim to [...]

2023-04-06T14:00:32-04:00December 23rd, 2021|

103,576 Impacted by Sound Generations Breach

A nonprofit organization in Washington state, Sound Generations, reported a pair of data breaches potentially impacting 103,576 clients to the Office for Civil Rights (OCR) data breach portal on December 8, 2021. Details regarding the Sound Generations breach are discussed in detail below. Details of the Sound Generations Breach Sound Generations offers transportation, food security, and health and wellness services to seniors [...]

2023-04-06T14:00:33-04:00December 22nd, 2021|

New Jersey State Attorney General Settles HIPAA Claims Against Printing Companies

In November of 2021, the New Jersey State Attorney General’s (AG) Office, Division of Consumer Affairs, settled 2 HIPAA claims, one HIPAA claim against Command Marketing Innovations (CMI), and another HIPAA claim against CMI’s business associate, Strategic Content Imaging, LLC (SCI). This $130,000 resolution settled each company’s potential HIPAA Security Rule and Privacy Rule violations. The printing companies were drummed into New Jersey court for having [...]

2023-04-06T14:00:34-04:00December 21st, 2021|

UKG Ransomware Attack Hits Healthcare Businesses Worldwide

Healthcare providers including NYU Langone University Hospital Long Island in New York and others around the world are reeling today in the wake of a reported ransomware attack on human resources services giant UKG. The breach affects services on the Kronos Private Cloud including UKG Workforce Central, UKG TeleStaff, Healthcare Extensions, and Banking Scheduling Solutions. It is unknown if electronic protected health information [...]

2023-04-06T14:00:37-04:00December 13th, 2021|

Planned Parenthood Class Action Lawsuit Filed Following Data Breach

Planned Parenthood Los Angeles faces a class-action lawsuit in the wake of an October cyberattack that potentially exposed the protected health information (PHI) of 409,759 patients. The Planned Parenthood class-action lawsuit is discussed in detail below Planned Parenthood Class-Action Lawsuit – Details of Lawsuit Filed on December 9, 2021, by an unnamed patient, the lawsuit alleges that the patient and class members [...]

2023-04-06T14:00:38-04:00December 10th, 2021|

10 Largest 2021 Healthcare Breaches (so far)

It has been a tough year for cybersecurity professionals as hacking groups and ransomware criminals have exposed the records of more than 40 million Americans during an onslaught of 2021 healthcare breaches. As a result, some healthcare data networks were out of service for weeks at a time, potentially compromising quality of care for patients across the country. As recently as September, [...]

2023-04-06T14:00:40-04:00December 7th, 2021|

Healthcare Ransomware Attack Affects 1.5 Million

An Indiana hospital recently announced that it suffered a healthcare ransomware attack that potentially affected 1.5 million patients. Eskenazi Health began notifying affected individuals on Nov 11, 2021 of the incident after concluding their investigation. What Do We Know About the Healthcare Ransomware Attack? According to a press release published by Eskenazi Health, their security team became aware of suspicious activity on [...]

2023-04-06T14:00:43-04:00November 22nd, 2021|