In September 2023, DataBreaches reported on an alleged ransomware attack involving Visiting Physician’s Network in Texas. The report provided screenshots of data leaked on the Threeam gang’s leak site and noted that Visiting Physician’s Network did not respond to inquiries about the breach.
It is now one year later. DataBreaches has found no substitute notice, no media notice, no report to the Texas Attorney General’s Office, and no report to the U.S. Department of Health and Human Services (HHS).
DataBreaches emailed the Visiting Physician’s Network again. Once again, they have not responded.
If the data provided by Threeam were real, then this was a breach that had to be reported to Texas, to HHS, and to any states whose residents may also have been affected. And yet…. crickets?
DataBreaches does not want to publicly accuse any entity of violation of federal or state breach notification obligations, but if this was a reportable breach, has it been reported, and have patients been notified?
Cybersecurity firm BlackFog posted some interesting statistics last year that showed a significant number of breaches were going unreported with unreported ransom being significantly greater than reported attacks.
Has Anyone Seen Any Breach Notification from Visiting Physician’s Network?
If you were or are a patient of Visiting Physician’s Network, have you received any notification about a breach or “cyberattack” or “data security incident” in 2023?
Has anyone seen any breach notification from this entity in any media or news outlet? If so, please forward a copy to tips[at]databreaches.net and tell us where you found it/saw it so we can update this post.
And if you are a federal or state regulator, or a personal injury law firm who has opened an investigation into the alleged breach, please contact this site.