Regional healthcare systems report data breaches affecting more than 1.5 million

Avatar

Two healthcare networks reported data breaches this week that will impact more than 1.5 million people. 

Connecticut’s Community Health Center Inc. and California’s NorthBay Healthcare Corporation filed breach notifications with regulators in multiple states warning that breaches last year exposed troves of patient data including healthcare data, financial information, Social Security numbers and more. 

Community Health Center, which runs dozens of facilities and clinics across Connecticut, said 1,060,936 current and former patients had data stolen during a cyberattack discovered on January 2. 

“That same day, we brought in experts to investigate and reinforce the security of our systems. They found that a skilled criminal hacker got into our system and took some data, which might include your personal information,” the company said.

“Fortunately, the criminal hacker did not delete or lock any of our data, and the criminal’s activity did not affect our daily operations. We believe we stopped the criminal hacker’s access within hours, and that there is no current threat to our systems.”

But the hacker did access health records that included names, addresses, phone numbers, diagnoses, treatment details, test results, health insurance information and Social Security numbers. 

Victims are being offered two years of identity protection services and a $1 million insurance reimbursement policy for those who may face issues due to the data breach.

Another regional healthcare system, California-based NorthBay Healthcare, reported its own data breach impacting 569,012 people. The nonprofit organization runs two hospitals in northern California, a 100-provider primary and specialty care medical group, a cancer center and other facilities.

The organization told regulators in Maine that hackers breached their systems last year and had access from January 11 to April 1.

The cybercriminals gained access to Social Security numbers, passport numbers, financial information, medical data, health insurance info, credit card and debit card numbers that included expiration dates, security codes and PIN numbers. 

Those affected are being given one year of identity protection services. 

The attack on NorthBay Healthcare was claimed by the Embargo ransomware gang in April 2024. The hospital was forced to turn patients away and cancel appointments following the ransomware attack. 

CybercrimeNewsNews Briefs
Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

Jonathan Greig

is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.

 

Total
0
Shares
Previous Post

Insurance firm Globe Life to warn 850,000 of potential data theft following extortion attempt

Next Post

Malvertising Scam Uses Fake Google Ads to Hijack Microsoft Advertising Accounts

Related Posts

Microsoft: Russian-Linked Hackers Using ‘Device Code Phishing’ to Hijack Accounts

Microsoft is calling attention to an emerging threat cluster it calls Storm-2372 that has been attributed to a new set of cyber attacks aimed at a variety of sectors since August 2024. The attacks have targeted government, non-governmental organizations (NGOs), information technology (IT) services and technology, defense, telecommunications, health, higher education, and energy/oil and gas
Avatar
Read More