DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

SouthCoast Medical Group and Privia Medical Group notify patients of June 2023 cyberattack

Posted on July 6, 2024 by Dissent

On August 17, 2023, SouthCoast Medical Group (Southcoast Health) in Georgia notified HHS of a breach and posted a preliminary substitute notice on its website. At the time, they reported to HHS that 501 patients were affected, a marker for when an entity doesn’t yet know the actual number but knows it will be more than the 500 that triggers timely notification to HHS. The SouthCoast incident was one of more than 50 incidents that Protenus’s Breach Barometer report noted used a marker in 2023 that wasn’t updated by the end of the year.

Almost one year later, on July 5, 2024, SouthCoast Health and Privia Medical Group of Georgia notified South Carolina that 32,835 South Carolinians were affected by the June 2023 incident. The notification included a copy of the letter being sent to affected patients. SouthCoast also updated its substitute notice, emphasizing that the breach involved only its network and not Privia’s network.

In its notification letter, SouthCoast reported that the incident occurred between June 15 and June 18, 2023, and was discovered on June 18, 2023. The types of information involved varied by individual but included name, Social Security number, passport number, driver’s license number, vehicle license plate number, state identification number, military identification number, student identification number, taxpayer identification number, date of birth, copy of birth certificate, copy of marriage certificate, mother’s maiden name, medical information, health insurance information, email/username and password or security questions and answers, financial account information, payment card information, and electronic/digital signature. From the data types, it sounds like both employee and patient information may have been accessed or acquired.

What We Still Don’t Know

SouthCoast’s entry on HHS has yet to be updated so we still do not know the total number of patients affected. Nor do we know whether there was any ransom demand or if any group claimed responsibility for this attack. DataBreaches emailed Privia to ask whether the attack on SouthCoast was a ransomware attack, whether there was any ransom/extortion demand, what group was responsible for the attack, and whether Privia knows where the stolen data are now. No reply was immediately received.

The SouthCoast Health incident is the third incident in June 2023 where patients are first being notified. As DataBreaches reported this week, another Georgia entity, SysInformation Health dba EqualizeRCM, discovered a ransomware attack on June 18, 2023, and is now notifying patients. And also in June 2023, Florida Community Health Centers discovered a ransomware attack and is now notifying almost 300,000 patients. That makes three incidents in June 2023, two of which were confirmed ransomware attacks, where it has not been publicly disclosed who was responsible for any of these attacks. Three incidents that were so bad that it took the entities a year to figure out who was affected and whom to notify. Three incidents, two of which were confirmed ransomware attacks, where the data have not shown up on any leak site or forum. Is it all just coincidence or is one group responsible for two or all three of these attacks?

Category: Health DataU.S.

Post navigation

← Cyber Attack May Have Exposed Alabama Student, Teacher Data
Personal and health info leaked from Florida Department of Health →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Banks Want SEC to Rescind Cyberattack Disclosure Requirements
  • MathWorks, Creator of MATLAB, Confirms Ransomware Attack
  • Russian hospital programmer gets 14 years for leaking soldier data to Ukraine
  • MSCS board renews contract with PowerSchool while suing them
  • Iranian Man Pleaded Guilty to Role in Robbinhood Ransomware
  • Developments surrounding data breach at Dutch police
  • Estonia launches international search for Moroccan citizen wanted over data theft
  • Now it’s Tiffany: Another LVMH luxury brand hit by hackers
  • Dutch Government: More forms of espionage to be a criminal offence from 15 May onwards
  • B.C. health authority faces class-action lawsuit over 2009 data breach (1)

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • The CCPA emerges as a new legal battleground for web tracking litigation
  • U.S. Spy Agencies Are Getting a One-Stop Shop to Buy Your Most Sensitive Personal Data
  • Period Tracking App Users Win Class Status in Google, Meta Suit
  • AI: the Italian Supervisory Authority fines Luka, the U.S. company behind chatbot “Replika,” 5 Million €
  • D.C. Federal Court Rules Termination of Democrat PCLOB Members Is Unlawful
  • Meta may continue to train AI with user data, German court says
  • Widow of slain Saudi journalist can’t pursue surveillance claims against Israeli spyware firm

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.