DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

SC: Sandhills Medical Foundation notifies patients of vendor breach

Posted on March 6, 2021 by Dissent

Updated 3/6/2021:  Sandhills reported this incident to Maine as impacting 39,602 patients, total.

Original Post:

Sandhills Medical Foundation has posted a notice of a data security incident on their web site, reproduced below.  Based on the dates and description, it appears that this is the Netgain Technology LLC data breach that has previously been noted on DataBreaches.net as affecting Ramsey County and Woodcreek Provider Services. As reported this week, Woodcreek is notifying more than 200,000 patients, but their report is not yet listed on HHS’s public breach tool. Sandhills Medical Foundation’s report is also not yet on HHS’s breach tool and we have no numbers for them as yet.  It’s possible that we may see one report from Netgain Technology LLC to HHS as the business associate or vendor, but in any event, it seems clear that details about the impact of this incident are still emerging. This breach is a useful example, though, of what can happen and at how many points the entity might have been able to thwart or avoid the biggest part of the breach. Had employee email not been compromised in September…  had the attackers not been able to access the system in November.. had the attackers exfiltrating data been detected and blocked… had the attackers been kicked out before they could deploy ransomware on December 3…. This is another one of those “if only” breaches….  


Notice of Data Breach

At Sandhills Medical Foundation, Inc., we value our patients and their privacy. This notice is to inform our patients about an incident that involved their personal information.

What Happened

Sandhills Medical Foundation, Inc. (“Sandhills”) uses an outside vendor to provide electronic data storage for some of its scheduling, billing, and reporting systems.  On January 8, 2021, the vendor informed Sandhills that the vendor experienced a ransomware attack that affected Sandhills’ systems and the data stored in them. The vendor’s investigation showed that the attackers used compromised credentials to access their system on September 23, 2020. The attackers accessed Sandhills’ systems on November 15, 2020, and exfiltrated (took) Sandhills’ data before the ransomware attack was launched on December 3, 2020.

What Information Was Involved 

Sandhills determined that patient medical records, lab results, medications, credit card numbers and bank account numbers were NOT affected. The affected data included patient names, dates of birth, mailing and email addresses, driver’s licenses, and Social Security numbers.  It also included claims information which could be used to determine patient diagnoses/conditions.

What We Are Doing 

The vendor reported the attack to law enforcement and hired a cybersecurity firm to investigate and respond to the attack.  The vendor paid the attackers to return the data and received assurances that copies of the data were deleted/destroyed.  Since the attack, the vendor has implemented additional security measures.

Sandhills reported the breach to the U.S. Department of Health and Human Services, Office for Civil Rights; to the South Carolina Department of Consumer Affairs; and to the national credit reporting agencies.  Sandhills sent a letter to each affected patient describing the incident and offering one year of free credit monitoring and identity theft protection.

Learn More

For questions about how to enroll in the free credit monitoring and identity theft protection services, affected patients should call 1-888-236-0854. To speak directly with Sandhills’ Compliance Officer about this incident, patients should call 1-800-688-5525.


 

No related posts.

Category: Health DataMalwareSubcontractorU.S.

Post navigation

← Idaho man charged with hacking into the computers of the City of Newnan and metro-Atlanta medical clinics
US indicts John McAfee for cryptocurrency fraud, money laundering →

2 thoughts on “SC: Sandhills Medical Foundation notifies patients of vendor breach”

  1. Sunny Cox says:
    March 15, 2021 at 11:57 am

    My husband nor I have never been to any of the Sandhills Medical Foundation s location in SC or elsewhere. Why were we sent a letter concerning this dataBreach?

    1. Dissent says:
      March 15, 2021 at 2:32 pm

      That’s a really good question. Have you called them to ask them that? Please let us know what you find out.

Comments are closed.

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • India’s Max Financial says hacker accessed customer data from its insurance unit
  • Brazil’s central bank service provider hacked, $140M stolen
  • Iranian and Pro-Regime Cyberattacks Against Americans (2011-Present)
  • Nigerian National Pleads Guilty to International Fraud Scheme that Defrauded Elderly U.S. Victims
  • Nova Scotia Power Data Breach Exposed Information of 280,000 Customers
  • No need to hack when it’s leaking: Brandt Kettwick Defense edition
  • SK Telecom to be fined for late data breach report, ordered to waive cancellation fees, criminal investigation into them launched
  • Louis Vuitton Korea suffers cyberattack as customer data leaked
  • Hunters International to provide free decryptors for all victims as they shut down (2)
  • SEC and SolarWinds Seek Settlement in Securities Fraud Case

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • German court awards Facebook user €5,000 for data protection violations
  • Record-Breaking $1.55M CCPA Settlement Against Health Information Website Publisher
  • Ninth Circuit Reviews Website Tracking Class Actions and the Reach of California’s Privacy Law
  • US healthcare offshoring: Navigating patient data privacy laws and regulations
  • Data breach reveals Catwatchful ‘stalkerware’ is spying on thousands of phones
  • Google Trackers: What You Can Actually Escape And What You Can’t
  • Oregon Amends Its Comprehensive Privacy Statute

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.