DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

SC: Sandhills Medical Foundation notifies patients of vendor breach

Posted on March 6, 2021 by Dissent

Updated 3/6/2021:  Sandhills reported this incident to Maine as impacting 39,602 patients, total.

Original Post:

Sandhills Medical Foundation has posted a notice of a data security incident on their web site, reproduced below.  Based on the dates and description, it appears that this is the Netgain Technology LLC data breach that has previously been noted on DataBreaches.net as affecting Ramsey County and Woodcreek Provider Services. As reported this week, Woodcreek is notifying more than 200,000 patients, but their report is not yet listed on HHS’s public breach tool. Sandhills Medical Foundation’s report is also not yet on HHS’s breach tool and we have no numbers for them as yet.  It’s possible that we may see one report from Netgain Technology LLC to HHS as the business associate or vendor, but in any event, it seems clear that details about the impact of this incident are still emerging. This breach is a useful example, though, of what can happen and at how many points the entity might have been able to thwart or avoid the biggest part of the breach. Had employee email not been compromised in September…  had the attackers not been able to access the system in November.. had the attackers exfiltrating data been detected and blocked… had the attackers been kicked out before they could deploy ransomware on December 3…. This is another one of those “if only” breaches….  


Notice of Data Breach

At Sandhills Medical Foundation, Inc., we value our patients and their privacy. This notice is to inform our patients about an incident that involved their personal information.

What Happened

Sandhills Medical Foundation, Inc. (“Sandhills”) uses an outside vendor to provide electronic data storage for some of its scheduling, billing, and reporting systems.  On January 8, 2021, the vendor informed Sandhills that the vendor experienced a ransomware attack that affected Sandhills’ systems and the data stored in them. The vendor’s investigation showed that the attackers used compromised credentials to access their system on September 23, 2020. The attackers accessed Sandhills’ systems on November 15, 2020, and exfiltrated (took) Sandhills’ data before the ransomware attack was launched on December 3, 2020.

What Information Was Involved 

Sandhills determined that patient medical records, lab results, medications, credit card numbers and bank account numbers were NOT affected. The affected data included patient names, dates of birth, mailing and email addresses, driver’s licenses, and Social Security numbers.  It also included claims information which could be used to determine patient diagnoses/conditions.

What We Are Doing 

The vendor reported the attack to law enforcement and hired a cybersecurity firm to investigate and respond to the attack.  The vendor paid the attackers to return the data and received assurances that copies of the data were deleted/destroyed.  Since the attack, the vendor has implemented additional security measures.

Sandhills reported the breach to the U.S. Department of Health and Human Services, Office for Civil Rights; to the South Carolina Department of Consumer Affairs; and to the national credit reporting agencies.  Sandhills sent a letter to each affected patient describing the incident and offering one year of free credit monitoring and identity theft protection.

Learn More

For questions about how to enroll in the free credit monitoring and identity theft protection services, affected patients should call 1-888-236-0854. To speak directly with Sandhills’ Compliance Officer about this incident, patients should call 1-800-688-5525.


 

Category: Health DataMalwareSubcontractorU.S.

Post navigation

← Idaho man charged with hacking into the computers of the City of Newnan and metro-Atlanta medical clinics
US indicts John McAfee for cryptocurrency fraud, money laundering →

2 thoughts on “SC: Sandhills Medical Foundation notifies patients of vendor breach”

  1. Sunny Cox says:
    March 15, 2021 at 11:57 am

    My husband nor I have never been to any of the Sandhills Medical Foundation s location in SC or elsewhere. Why were we sent a letter concerning this dataBreach?

    1. Dissent says:
      March 15, 2021 at 2:32 pm

      That’s a really good question. Have you called them to ask them that? Please let us know what you find out.

Comments are closed.

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • New evidence links long-running hacking group to Indian government
  • Zaporizhzhia Cyber ​​Police Exposes Hacker Who Caused Millions in Losses to Victims by Mining Cryptocurrency
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Google: Hackers target Salesforce accounts in data extortion attacks
  • The US Grid Attack Looming on the Horizon
  • US govt login portal could be one cyberattack away from collapse, say auditors
  • Two Men Sentenced to Prison for Aggravated Identity Theft and Computer Hacking Crimes
  • 100,000 UK taxpayer accounts hit in £47m phishing attack on HMRC
  • CISA Alert: Updated Guidance on Play Ransomware
  • Almost one year later, U.S. Dermatology Partners is still not being very transparent about their 2024 breach

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • How the FBI Sought a Warrant to Search Instagram of Columbia Student Protesters
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Malaysia enacts data sharing rules for public sector
  • U.S. Enacts Take It Down Act
  • 23andMe Bankruptcy Judge Ponders Trump Bill’s Injunction Impact
  • Hell No: The ODNI Wants to Make it Easier for the Government to Buy Your Data Without Warrant
  • US State Dept. says silence or anonymity on social media is suspicious

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.