DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

TX: Elara Caring notifies more than 100,000 patients after corporate email accounts hacked

Posted on March 5, 2021 by Dissent

Elara Caring, a provider of home-based care, suffered a data security breach that they learned about in mid-December. Last month, they started notifying more than 100,400 patients. A notice on their web site explains that a number of corporate email accounts had been compromised — accounts that contained both employee and patient information. Elara Caring learned of the breach in mid-December, but they do not disclose when the breach actually occurred or how they learned about it.

Information in the email accounts included information for employees and patients, and may have included: name, address, Social Security number, driver’s license number, Employer ID number, financial or bank account information, date of birth, email address and password, insurance information and insurance account number, and passport number.

“Importantly,” they state, “we have no evidence at this time that personal information of Elara Caring patients or employees was downloaded, accessed or misused by the intruder.”

While such statements may sound reassuring, some attackers are quite skilled at covering their tracks and data exfiltration.  Sometimes, data has been downloaded and shows up months later on a dark web forum. In this blogger’s opinion, patients and employees should not relax because of  statements such as the one in this notification — they should take steps to protect themselves. Think of it this way:  why would a criminal hack an entity if not to get information to misuse somehow?

You can get more information by reading the entity’s entire notice on their web site. The incident was reported to HHS on February 24 as impacting 100,487 patients, but their report was only added to the public breach tool yesterday.

No related posts.

Category: Breach IncidentsHackHealth Data

Post navigation

← Southern Illinois University School of Medicine impacted by Accellion breach, notifies patients
PA: Delco School District Missing ‘Millions,’ Suggests Hackers Took It →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Air Force Employee Pleads Guilty to Conspiracy to Disclose Unlawfully Classified National Defense Information
  • UK police arrest four in connection with M&S, Co-op and Harrods cyberattacks (1)
  • At U.S. request, France jails Russian basketball player Daniil Kasatkin on suspicion of ransomware conspiracy
  • Avantic Medical Lab hacked; patient data leaked by Everest Group
  • Integrated Oncology Network victim of phishing attack; multiple locations affected (2)
  • HHS’ Office for Civil Rights Settles HIPAA Privacy and Security Rule Investigation with Deer Oaks Behavioral Health for $225k and a Corrective Action Plan
  • HB1127 Explained: North Dakota’s New InfoSec Requirements for Financial Corporations
  • Credit reports among personal data of 190,000 breached, put for sale on Dark Web; IT vendor fined
  • Five youths arrested on suspicion of phishing
  • Russia Jailed Hacker Who Worked for Ukrainian Intelligence to Launch Cyberattacks on Critical Infrastructure

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • How to Build on Washington’s “My Health, My Data” Act
  • Department of Justice Subpoenas Doctors and Clinics Involved in Performing Transgender Medical Procedures on Children
  • Google Settles Privacy Class Action Over Period Tracking App
  • ICE Is Searching a Massive Insurance and Medical Bill Database to Find Deportation Targets
  • Franklin, Tennessee Resident Sentenced to 30 Months in Federal Prison on Multiple Cyber Stalking Charges
  • On July 7, Gemini AI will access your WhatsApp and more. Learn how to disable it on Android.
  • German court awards Facebook user €5,000 for data protection violations

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.