DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Monterey Health Center in Oregon, Central Valley Regional Center in California both announce patient data breaches

Posted on October 12, 2019 by Dissent

On August 12, 2019, Monterey Health Center in Oregon became aware that they had suffered a ransomware attack.  According to a press release issued yesterday, they were able to restore patient data, and were able to rule out any data exfiltration, but were not able to rule out access to the patient data.

The types of information stored on the impacted server includes: name, address, driver’s license, financial account information, Social Security number, date of birth, medical history, diagnosis/conditions, lab/test results, treatment information, medications, health insurance information, and/or claims information.

Meanwhile, in California….

In other announcements yesterday, Central Valley Regional Center in California announced that it is notifying patients of a breach that occurred when an employee’s email account was accessed by an unauthorized third party.  The center became aware of the breach on July 29, 2019. Their investigation determined that between July 25–August 2, 2019, access was possible to what sounds like more than one employee’s email account(s).

On August 12, 2019, CVRC determined that data containing individuals’ personal information within one or more email accounts may have also been affected.

This information may have included individuals’ names, addresses and contact information, dates of birth, dates of death, Social Security numbers, driver’s license information, state identification card or other government identification numbers, Medi-Cal numbers, UCI numbers, and/or medical or health information or health insurance information. For a limited number of individuals, Taxpayer Identification numbers, financial account or payment card information, PINs or other access codes, account passwords, usernames, email addresses or electronic identifiers and the means to access the related accounts, and/or IRS PINs may have also been affected.

CVRC is offering those affected credit monitoring and credit protection services.

Neither press release indicates the number of patients being notified, but expect to see both of these incidents on HHS’s public breach tool at some point.

Category: HackHealth DataMalwareU.S.

Post navigation

← UK: ‘I feel violated’ – Hospital sends personal details of 11 patients to wrong address
Philly health department website exposed names of thousands of people with hepatitis →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • PowerSchool hacker pleads guilty, released on personal recognizance bond
  • Rewards for Justice offers $10M reward for info on RedLine developer or RedLine’s use by foreign governments
  • New evidence links long-running hacking group to Indian government
  • Zaporizhzhia Cyber ​​Police Exposes Hacker Who Caused Millions in Losses to Victims by Mining Cryptocurrency
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Google: Hackers target Salesforce accounts in data extortion attacks
  • The US Grid Attack Looming on the Horizon
  • US govt login portal could be one cyberattack away from collapse, say auditors
  • Two Men Sentenced to Prison for Aggravated Identity Theft and Computer Hacking Crimes
  • 100,000 UK taxpayer accounts hit in £47m phishing attack on HMRC

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • How the FBI Sought a Warrant to Search Instagram of Columbia Student Protesters
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Malaysia enacts data sharing rules for public sector
  • U.S. Enacts Take It Down Act
  • 23andMe Bankruptcy Judge Ponders Trump Bill’s Injunction Impact
  • Hell No: The ODNI Wants to Make it Easier for the Government to Buy Your Data Without Warrant
  • US State Dept. says silence or anonymity on social media is suspicious

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.