DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

TN: Professional Healthcare Management discloses ransomware incident

Posted on October 31, 2021 by Dissent

PHM’s press release, followed by this site’s comments/notes:

MEMPHIS–(BUSINESS WIRE)–Professional Healthcare Management, Inc. (“PHM”)1, located in Memphis, Tennessee, announced today that it recently became aware of a data privacy incident impacting its servers, which contained protected health and personal information of some PHM clients and employees. PHM is a business that primarily operates in the home health care services industry and provides related health care services. PHM is committed to keeping the community informed, communicating about the steps it is taking toward resolution, and ensuring impacted individuals have the tools they need to minimize the impact of the incident.

On September 14, 2021, PHM discovered that it was the victim of a sophisticated ransomware attack. After discovering the incident, PHM quickly took steps to secure and safely restore its systems and operations. Further, PHM immediately engaged third-party forensic and incident response experts to conduct a thorough investigation of the incident’s nature and scope and assist in the remediation efforts. PHM’s investigation is ongoing, but after performing a comprehensive review of the impacted data, PHM believes it could contain protected health information.

PHM is notifying those potentially impacted by this incident by mail (if possible) and providing steps that can be taken to protect their information, including complimentary identity monitoring and protection services. PHM recommends that these individuals enroll in the services provided and follow the recommendations contained within the notification letter to increase the likelihood that their information remains protected. As of the date of this release, PHM has no evidence indicating misuse of any information. Notification to individuals potentially affected by this incident is being performed out of an abundance of caution and pursuant to the organization’s obligations under the Health Insurance Portability and Accountability Act (HIPAA).

Further, after reviewing the potentially impacted protected health and personal information, PHM determined that it may include first and last name, social security number, health insurance information (Medicaid number, Medicare number and insurance identification number), prescription name(s) and diagnosis code(s). Again, as stated above, it is important to note that PHM has no evidence of misuse of any information as of the date of this release.

In response to this incident, PHM is implementing additional cybersecurity safeguards, enhancing its cybersecurity policies, procedures, and protocols, and implementing additional employee cybersecurity training.

“We take the security and privacy of the information contained in our systems with the utmost seriousness. Further, we were shocked to discover that we were one of the thousands of victims of this type of cyberattack,” said Amanda Egner, CIO of PHM. “We are fully committed to protecting the information on our systems and sincerely regret the concern and inconvenience caused by this event. We thank the community, our employees, patients, and partners for their support during this event.”

As a precautionary measure, PHM recommends that individuals remain vigilant by closely reviewing their account statements and credit reports. If any suspicious activity is detected, PHM strongly advises that the account holder promptly notify the financial institution or company that maintains the account. Further, individuals should promptly report any fraudulent activity or any suspected incidence of identity theft to proper law enforcement authorities, including their state attorney general and the Federal Trade Commission (FTC). To file a complaint or to contact the FTC, you can (1) send a letter to the Federal Trade Commission, Consumer Response Center, 600 Pennsylvania Avenue NW, Washington, DC 20580; (2) go to IdentityTheft.gov/databreach; or (3) call 1-877-ID-THEFT (877-438-4338). Complaints filed with the FTC will be added to the FTC’s Identity Theft Data Clearinghouse, a database made available to law enforcement agencies.

For more information about tips to protect from identity theft, please visit www.qualityfirsthc.com, www.volunteerhomecare.com, or www.affinityhospice.net.

For individuals seeking more information or who have questions, please call the dedicated toll-free helpline set up specifically for this purpose at 1-833-760-0502, Monday through Friday, 8:00 a.m. to 8:00 p.m. (EST). In addition, individuals seeking to contact PHM directly may write to Professional Healthcare Management, 7900 Players Forest Drive, Memphis, TN 38119.

1 Professional Healthcare Management, Inc. is a management company that manages (or previously managed) five healthcare entities (Volunteer Home Care Inc.; Volunteer Home Care of West TN., Inc.; Volunteer Home Care of Middle TN., Inc., which also does business as Quality First Home Care; Springhill Home Health and Hospice; and Affinity Health Care).


Comment by DataBreaches.net:  This attack first appeared on the Cuba ransomware group’s leak site on September 21.  When DataBreaches.net looked at the alleged proof of claims, we discovered that the data Cuba posted had nothing to do with PHMINC.

At some date unknown to DataBreaches.net, Cuba removed the listing. Usually that means that the victim has paid ransom, but that is not necessarily proof of anything.

DataBreaches.net emailed PHMINC to ask whether they had paid the extortion demand to get Cuba to remove the listing from their leak site and to supposedly destroy all data, but no immediate reply has been received. This post will be updated if a reply is received.

This incident has not yet shown up on HHS’s public breach tool.

Category: Health DataSubcontractorU.S.

Post navigation

← ‘Black Shadow’ hackers leak data from Israeli LGBT app
Shoot-the-Messenger, Monday edition: ActMobile threatens researcher whose only sin was trying to let them know they are leaking data →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Central Maine Healthcare tackles suspected cybersecurity issue; hospitals remain open
  • Cartier Data Breach: Luxury Retailer Warns Customers that Personal Data Was Exposed
  • Beyond the Pond Phish: Unraveling Lazarus Group’s Evolving Tactics
  • Akira doesn’t keep its promises to victims — SuspectFile
  • Fraudsters, murderers, students: who the GRU assembled a team of hacker provocateurs from and why it failed
  • Order of Psychologists of Lombardy fined 30,000 € for inadequate data security protection and detection following ransomware attack
  • Lower Merion School District says a data breach was caused by a computer glitch (1)
  • After $1 Million Ransom Demand, Virgin Islands Lottery Restores Operations Without Paying Hackers
  • Junior Defence Contractor Arrested For Leaking Indian Naval Secrets To Suspected Pakistani Spies
  • Mysterious leaker GangExposed outs Conti kingpins in massive ransomware data dump

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Stewart Baker vs. Orin Kerr on “The Digital Fourth Amendment”
  • Fears Grow Over ICE’s Reach Into Schools
  • Resource: HoganLovells Asia-Pacific Data, Privacy and Cybersecurity Guide 2025
  • She Got an Abortion. So A Texas Cop Used 83,000 Cameras to Track Her Down.
  • Why AI May Be Listening In on Your Next Doctor’s Appointment
  • Watch out for activist judges trying to deprive us of our rights to safe reproductive healthcare
  • Nebraska Bans Minor Social Media Accounts Without Parental Consent

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.