Lawrence Mower, Romy Ellenbogen, and Christopher O’Donnell report: A hacker group claims it has breached the Florida Department of Health and gained access to a large amount of potentially sensitive data on Floridians. The RansomHub ransomware group said in a post on the dark web that it will release 100 gigabytes of department data unless the…
Category: Health Data
HealthEquity says data breach is an ‘isolated incident’
Lorenzo Franceschi-Bicchierai reports: On Tuesday, health tech services provider HealthEquity disclosed in a filing with federal regulators that it had suffered a data breach, in which hackers stole the “protected health information” of some customers. In an 8-K filing with the SEC, the company said it detected “anomalous behavior by a personal use device belonging…
Florida Community Health Centers to notify almost 300,000 of ransomware attack
As DataBreaches recently reported, in June 2023, SysInformation Healthcare Services d/b/a EqualizeRCM discovered a ransomware attack. One year later, we still don’t know how many clients and patients were affected. But SysInformation wasn’t the only entity that suffered a ransomware attack in June 2023 that hadn’t sent notifications by now. Florida Community Health Centers (FCHC)…
Insider Threat: Fake Therapist Fooled Hundreds Online Until She Died, State Records Say
In April 2023, Brightside Health, Inc. reported a breach to HHS that affected 767 patients. The incident was coded as “unauthorized access/disclosure” of information located in “EMR, other.” HHS’s closing statement on the public breach tool described the incident this way: The covered entity (CE), Brightside Health, reported that an unauthorized individual accessed the protected…
HHS Office for Civil Rights Settles HIPAA Security Rule Failures for $950,000
Settlement with Heritage Valley Health System marks OCR’s third ransomware settlement as the agency sees 264% increase in large ransomware breaches since 2018 The U.S. Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) announced a settlement with Heritage Valley Health System (Heritage Valley), which provides care in Pennsylvania, Ohio and West…
How many clients and patients were affected by a ransomware attack on EqualizeRCM? We have no idea.
On August 17, 2023, SysInformation Healthcare Services, LLC, d/b/a EqualizeRCM (“SysInformation”) notified HHS of a breach. The firm, a business associate that provides revenue and billing cycle management services, reported that 501 patients had been affected. That number is generally interpreted as a placeholder marker when the entity has not yet figured out the real…