DataBreaches.Net


Would Sea Mar Community Health even know about large patient data dumps if not for DataBreaches.net?

Posted on April 6, 2022 by Dissent

The chronology of Sea Mar Community Health Center’s responses to a massive data breach suggests that they may be first learning of data dumps because of notifications by DataBreaches.net or this site’s reporting of our discoveries. If true, what does that say about their security and incident response?  A DataBreaches.net commentary. 

Since 2021, DataBreaches.net has been reporting on a massive breach involving Sea Mar Community Health Centers in Washington state. For almost one year now, DataBreaches.net has been contacting Sea Mar to alert them to data appearing on the internet and to ask them for a response. For more than one year, Sea Mar has not responded to a single alert or request from this site. The chronology of their public notifications, however, suggests that if it were not for this site, they might not even know that their patients’ and employees’ personal and protected health information had been dumped on the internet.

Last month, DataBreaches.net broke the story that yet another 161 GB of Sea Mar data had been leaked on the internet. The files in that leak, unlike two previous data dumps of Sea Mar data, consisted of more than 650,000 image files that, for the most part, were driver’s license images.

DataBreaches.net’s earlier coverage of prior leaks of Sea Mar data is linked from our March article. The three leaks — one by Marketo and two by Snatch Team — all contained different files. Snatch Team would not reveal whether there were two different entities who had listed data with them at different times or if there was just one entity. Nor did Snatch Team even seem to know that the data came from Sea Mar, saying that the entity who listed the data dump with them did not indicate the source of the data. As a result, it is not clear how many threat actors or groups are in possession of the Sea Mar data or how broadly it has been circulated already.

Sea Mar has now issued another press release, stating that it has learned of additional information involved in their previously-reported incident. This additional information, they write, “may have impacted data belonging to current and former Sea Mar patients and other individuals associated with Sea Mar.”  Looking at their press release below, keep in mind that DataBreaches.net first alerted Sea Mar to the Marketo leak on June 24, 2021. This site then posted updates to the incident in October, 2021 (when Sea Mar first issued a press release), and then again in January, 2022 when we discovered the first dump of 22 GB on Snatch Team, in February after Sea Mar was sued, and then again in March, when we discovered the 161 GB dump on Snatch Team.

Keeping that chronology in mind, here is Sea Mar’s newest press release (emphasis added by DataBreaches.net):

On June 24, 2021, Sea Mar was informed that certain Sea Mar data may have been copied from its digital environment by an unauthorized actor. Upon receipt of this information, Sea Mar immediately took steps to secure its environment and commenced an investigation with the assistance of leading, independent cybersecurity experts. Through the investigation, Sea Mar learned that certain data may have been copied from its digital environment between December 2020 and March 2021 and provided notification to individuals known to have been potentially impacted.

In January and March 2022, Sea Mar learned of additional data that may have been copied from its digital environment, and, upon review, identified that such data contained personal and protected health information. The additional data contained the following personal and protected health information: Name, date of birth, and, in some cases, Social Security number and/or driver’s license information.

Sea Mar has provided notice of the incident on its website to alert all potentially impacted individuals of this incident and the update related thereto. The notice includes information about the incident and steps that potentially impacted individuals can take to protect their information.

The privacy and protection of personal and protected health information is a top priority for Sea Mar, which deeply regrets any inconvenience or concern this incident may cause. Sea Mar is continuing to work with cybersecurity experts to take steps to prevent a similar incident from occurring in the future. Sea Mar has also established a toll-free call center to answer questions about the incident. Call center representatives are available Monday through Friday from 6:00 am – 3:30 pm Pacific Time and can be reached at 1-855-651-2684.

Apart from the civil lawsuits they are facing, and from a regulatory standpoint: will investigators look at why Sea Mar had so much old and unencrypted data on their system?  What did their risk assessment look like for old data? What security did they have on current data? And shouldn’t they have had a system to receive and acknowledge notifications of a breach?  Finally, for now: would they have even known about the data leaks if this site hadn’t discovered their data on leak sites and taken the time to alert them each time?

Category: Commentaries and Analyses, Hack, Health Data, Of Note, U.S.
