DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Lutheran Social Services of Illinois notifies 184,183 of ransomware attack one year ago

Posted on January 27, 2023 by Dissent

On March 25, 2022, Lutheran Social Services of Illinois (LSSI) notified HHS of a breach affecting 1,000 people. The incident, still under investigation by HHS, was coded as a “Hacking/IT Incident”  involving data on the network server.

On January 25, 2023, LSSI notified the Maine Attorney Genera’s Office a breach affecting a total of 184,183 people.

In its newest report, LSSI reports that on January 27, 2022, they discovered they had been hit with a ransomware attack. Almost one year later, on December 28, 2022, they discovered that “certain personal information maintained on our systems was potentially accessed by an unauthorized party from December 31, 2021 to January 27, 2022.”

Based on the timeframe and the fact that this was a ransomware attack, the March 2022 report to HHS was probably just a first report on the incident, although that is somewhat speculative on DataBreaches’ part.

But is the newest report to Maine of 184,183 affected only about patients/clients, or does it include others who would not be reportable under HIPAA? It’s unclear because Maine requires entities report the total number of people affected, whereas HHS only reports the number of patients affected.

LSSI’s notification does not explain why it took them a year from initial event/discovery to figure out who was affected and whom to notify.

 

 

Category: Breach IncidentsHealth DataMalwareU.S.

Post navigation

← Indianapolis Housing Authority breach was worse than originally estimated
Stratford University discloses ransomware attack — but which ransomware attack? →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Investigation of 2024 Helsinki data breach – Report
  • Major trial underway for data leak that left 72,000 victims in France
  • Anubis: A Closer Look at an Emerging Ransomware with Built-in Wiper
  • HealthEC Agrees to $5.48 Million Settlement to End Data Breach Lawsuit
  • US offering $10 million for info on Iranian hackers behind IOControl malware
  • Sompo Japan Insurance submits improvement plan after info leakage
  • Moreno Valley, Calif., Schools Report Data Breach
  • The Growing Cyber Risks from AI — and How Organizations Can Fight Back
  • Credit Control Corporation data allegedly from 9.1 million consumers listed for sale on forum
  • Copilot AI Bug Could Leak Sensitive Data via Email Prompts

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Your household smart products must respect your privacy – including your air fryer
  • Vermont signs Kids Code into law, faces legal challenges
  • Data Categories and Surveillance Pricing: Ferguson’s Nuanced Approach to Privacy Innovation
  • Anne Wojcicki Wins Bidding for 23andMe
  • Would you — or wouldn’t you?
  • New York passes a bill to prevent AI-fueled disasters
  • Synthetic Data and the Illusion of Privacy: Legal Risks of Using De-Identified AI Training Sets

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.