DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Roundup: Four more breaches in the healthcare sector: Healthback Holdings, Zenith American Solutions, Bronx Accountable Healthcare Network, and Centerstone

Posted on August 6, 2022 by Dissent

On June 1, Healthback Holdings, LLC in Oklahoma discovered that they had been subject to a hacking incident that began in October 2021.  “A limited number” of  employee accounts were compromised. On July 29, Healthback notified HHS that 21,114 patients were affected. Their notice says that names, health insurance information, Social Security numbers, and clinical information was in the compromised email accounts.

Zenith American Solutions claims to be the largest independent Third Party Administrator in the United States with more than 47 offices nationwide. On June 24, there was a mailing error by an unnamed vendor that resulted in Social Security numbers being included in the mailing addresses of those sent letters that day. The error was discovered on June 28. Zenith reported the incident to HHS on July 20 as impacting 37,146 individuals, but it is not clear if that was the grand total or just on behalf of certain covered entities. Their notice to Sound Health and Wellness Trust  provides more details about the types of data involved.

The Bronx Accountable Healthcare Network notified HHS on July 20 about a hacking incident involving email that impacted 17,161 patients. DataBreaches could find no notice on their site, and has written to them to ask if this report might be part of the Acacia Network breach in 2020 that was first disclosed in February of this year.

Centerstone is a nonprofit providing mental health, addiction recovery, residential care, therapeutic foster care, counseling, and crisis services at more than 200 locations in four states: Florida, Tennessee, Illinois, and Indiana. On February 14, they discovered a breach impacting their email environment that began in November 2021. The incident has not yet appeared on HHS’s public breach tool, but their press release indicates that the types of information of former and current clients that may have been accessed and acquired include: name, address, Social Security number, date of birth, client ID, medical diagnosis / treatment information, and/or health insurance information.

No related posts.

Category: Breach IncidentsCommentaries and AnalysesHackHealth DataU.S.

Post navigation

← Class Action Targets Experian Over Account Security
Ransomware team hits Disability Help Group →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • CMS warns Medicare providers of fraud scheme
  • Ex-student charged with wave of cyber attacks on Sydney uni
  • Detaining Hackers Before the Crime? Tamil Nadu’s Supreme Court Approves Preventive Custody for Cyber Offenders
  • Potential Cyberattack Scrambles Columbia University Computer Systems
  • 222,000 customer records allegedly from Manhattan Parking Group leaked
  • Breaches have consequences (sometimes) (1)
  • Kansas City Man Pleads Guilty for Hacking a Non-Profit
  • British national “IntelBroker” charged with causing $25 million in damages; U.S. seeks his extradition from France
  • France issues press statement about arrest of ShinyHunters members
  • Patients Allege Home Delivery Pharmacy Failed to Timely Notify Them of Data Breach

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina
  • European Commission publishes its plan to enable more effective law enforcement access to data
  • Sacred Secrets: The Biblical Case for Privacy and Data Protection
  • Microsoft’s Departing Privacy Chief Calls for Regulator Outreach
  • Nestle USA Settles Suit Over Job-Application Medical Questions
  • NY Attorney General James Affirms Hospitals Must Provide Access to Emergency Abortion Care
  • How Internet of Things devices affect your privacy – even when they’re not yours

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.