Lorenzo Franceschi-Bicchierai reports: On Tuesday, health tech services provider HealthEquity disclosed in a filing with federal regulators that it had suffered a data breach, in which hackers stole the “protected health information” of some customers. In an 8-K filing with the SEC, the company said it detected “anomalous behavior by a personal use device belonging…
Category: U.S.
Florida Community Health Centers to notify almost 300,000 of ransomware attack
As DataBreaches recently reported, in June 2023, SysInformation Healthcare Services d/b/a EqualizeRCM discovered a ransomware attack. One year later, we still don’t know how many clients and patients were affected. But SysInformation wasn’t the only entity that suffered a ransomware attack in June 2023 that hadn’t sent notifications by now. Florida Community Health Centers (FCHC)…
HHS Office for Civil Rights Settles HIPAA Security Rule Failures for $950,000
Settlement with Heritage Valley Health System marks OCR’s third ransomware settlement as the agency sees 264% increase in large ransomware breaches since 2018 The U.S. Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) announced a settlement with Heritage Valley Health System (Heritage Valley), which provides care in Pennsylvania, Ohio and West…
How many clients and patients were affected by a ransomware attack on EqualizeRCM? We have no idea.
On August 17, 2023, SysInformation Healthcare Services, LLC, d/b/a EqualizeRCM (“SysInformation”) notified HHS of a breach. The firm, a business associate that provides revenue and billing cycle management services, reported that 501 patients had been affected. That number is generally interpreted as a placeholder marker when the entity has not yet figured out the real…
Mass General Brigham fires two employees after patient data breach
Bryan Lambert reports: Mass General Brigham says some patients may have had personal information exposed after two employees allegedly allowed an unauthorized person access to private records. The hospital says on April 4 it was made aware of an incident where patients’ personal info, including name, address, medical record number, date of birth, email address,…
Infosys McCamish Systems ransomware attack affected more than 6 million people
Infosys McCamish Systems (“IMS”) in Atlanta provides software and services to the life insurance industry. In October 2023, it was the victim of a ransomware attack that affected 6,078,263 people. As they explain in a notification to the Maine Attorney General’s Office, they were providing notification on their own behalf as a data owner and…