DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

OK: Indian Territory Home Health and Hospice, LLC, DBA “Aspire Home Care and Hospice” notifies patients of potential compromise of their information

Posted on October 24, 2015 by Dissent

A recent update to HHS’s public breach tool includes an incident affecting patients of Indian Territory Home Health and Hospice (“Aspire Home Health and Hospice”). From a statement on their web site:

On August 10, 2015, Indian Territory Home Health and Hospice, LLC, DBA “Aspire Home Care and Hospice” learned that it was the target of a cybersecurity attack. The attack affected its systems and data and may have exposed some of its patients’ personal information, such as patients’ names, dates of birth, addresses, telephone numbers, Social Security numbers, insurance information, prescription information, patient identification/medical record numbers and certain medical/clinical information. However, the data potentially exposed did not include any financial information, such as credit or debit card information.

As soon as Aspire became aware of the incident (which occurred in late-July 2015/early-August 2015), it performed a thorough investigation to determine the scope of the issue and the impact on its patients. Aspire immediately disabled certain accounts, implemented password resets for identified targeted users and performed a security assessment. In the aftermath of this incident, Aspire will continue to review its systems and improve the security of the information it maintains by implementing, for example, additional audit and surveillance technology to detect unauthorized intrusions.

We are providing notice to patients whose personal information may have been exposed and offering them identity monitoring at no cost for one year. We have also notified the Secretary of the United States Department of Health and Human Services regarding this incident. We deeply regret this incident occurred and any inconvenience it may cause our patients and/or their family members.

If you have any questions or would like to speak to someone regarding this incident, feel free to contact our Vice President of Compliance, Jenni Massengill, at 1-580-341-9226 or 888-285-5162.

Although the substitute notice does not provide details as to how the attack occurred, their report to HHS coded this as an incident in which the data were located in email, suggesting that this may have been a phishing attack. In two reports filed with HHS, the number affected was first listed as 4,278; a later report indicated 4,500.

Category: Health DataMalwareU.S.

Post navigation

← Former Assistant Band Director Sentenced for Identity Theft Tax Fraud Scheme Involving Former Students and Other Individuals’ Personal Identifying Information
AR: Nephropath notifies patients of potential compromise of PHI →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • FTC Finalizes Order with GoDaddy over Data Security Failures
  • Hacker steals $223 million in Cetus Protocol cryptocurrency heist
  • Operation ENDGAME strikes again: the ransomware kill chain broken at its source
  • Mysterious Database of 184 Million Records Exposes Vast Array of Login Credentials
  • Mysterious hacking group Careto was run by the Spanish government, sources say
  • 16 Defendants Federally Charged in Connection with DanaBot Malware Scheme That Infected Computers Worldwide
  • Russian national and leader of Qakbot malware conspiracy indicted in long-running global ransomware scheme
  • Texas Doctor Who Falsely Diagnosed Patients as Part of Insurance Fraud Scheme Sentenced to 10 Years’ Imprisonment
  • VanHelsing ransomware builder leaked on hacking forum
  • Hack of Opexus Was at Root of Massive Federal Data Breach

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Meta may continue to train AI with user data, German court says
  • Widow of slain Saudi journalist can’t pursue surveillance claims against Israeli spyware firm
  • Researchers Scrape 2 Billion Discord Messages and Publish Them Online
  • GDPR is cracking: Brussels rewrites its prized privacy law
  • Telegram Gave Authorities Data on More than 20,000 Users
  • Police secretly monitored New Orleans with facial recognition cameras
  • Cocospy stalkerware apps go offline after data breach

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.