DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Verity Health System Notifies Thousands of Patients of Web Site Hack That Began in 2015

Posted on February 6, 2017 by Dissent

So after ignoring a few inquiries from DataBreaches.net requesting information, it appears Verity Health System has now issued a statement about a breach reported to HHS on January 11 as affecting 10,164 patients. Here is their press release:

Although there is no evidence that patient information was used in an unauthorized fashion, Verity Health System is notifying more than 9,000 individuals that their personal information may have been accessed by an unauthorized third party.

The information, dated between 2010 and 2014, includes patient names, dates of birth, medical record numbers, addresses, email addresses, phone numbers and the last four digits of credit card numbers. The information does not include social security numbers or full credit card information

On Jan. 6, Verity Health officials detected that an unauthorized third party accessed the Verity Medical Foundation-San Jose Medical Group website, which is no longer in use. The health system promptly initiated an internal investigation and determined that the access occurred between October 2015 and January 2017. Verity took immediate steps to secure the website, stop any further unauthorized activity and prevent similar incidents from happening in the future.

“Verity Health System takes the security of our patients’ information seriously, and we regret that this incident occurred,” said Andrei Soran, chief executive officer of the one-year-old health system. Verity Health includes six California hospitals, the Verity Medical Foundation and Verity Physician Network.

“We took immediate steps to investigate this incident, notify the affected individuals and appropriate authorities, and ensure enhanced protection of our information systems going forward,” Soran added. “We are working with a leading cyber-security firm to further evaluate the integrity of our information systems.”

As required by law, Verity is notifying the affected individuals by letter. In addition, Verity is offering a call center to answer questions, as well as credit monitoring services – free of charge – for a period of one year.

No related posts.

Category: HackHealth DataU.S.

Post navigation

← With at least 23 incidents and 29,000 victims, the W-2 phishing season is in full swing
Pro-Trump group hacked, website taken down in Cabinet fight →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Air Force Employee Pleads Guilty to Conspiracy to Disclose Unlawfully Classified National Defense Information
  • UK police arrest four in connection with M&S, Co-op and Harrods cyberattacks (1)
  • At U.S. request, France jails Russian basketball player Daniil Kasatkin on suspicion of ransomware conspiracy
  • Avantic Medical Lab hacked; patient data leaked by Everest Group
  • Integrated Oncology Network victim of phishing attack; multiple locations affected (2)
  • HHS’ Office for Civil Rights Settles HIPAA Privacy and Security Rule Investigation with Deer Oaks Behavioral Health for $225k and a Corrective Action Plan
  • HB1127 Explained: North Dakota’s New InfoSec Requirements for Financial Corporations
  • Credit reports among personal data of 190,000 breached, put for sale on Dark Web; IT vendor fined
  • Five youths arrested on suspicion of phishing
  • Russia Jailed Hacker Who Worked for Ukrainian Intelligence to Launch Cyberattacks on Critical Infrastructure

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • How to Build on Washington’s “My Health, My Data” Act
  • Department of Justice Subpoenas Doctors and Clinics Involved in Performing Transgender Medical Procedures on Children
  • Google Settles Privacy Class Action Over Period Tracking App
  • ICE Is Searching a Massive Insurance and Medical Bill Database to Find Deportation Targets
  • Franklin, Tennessee Resident Sentenced to 30 Months in Federal Prison on Multiple Cyber Stalking Charges
  • On July 7, Gemini AI will access your WhatsApp and more. Learn how to disable it on Android.
  • German court awards Facebook user €5,000 for data protection violations

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.