Summary: Cyberattacks on healthcare not decreasing
In recent weeks, as in previous years, there has been a steady stream of news about data breaches, ransomware attacks and cyber incidents involving healthcare stakeholders, from hospitals to patient transportation services and public health agencies.
Meanwhile, many months after one of the largest cyberattacks in recent history, Change Healthcare – as promised and required – has begun sending breach notifications to millions of Americans.
Below you will find an overview of the most recent headlines.
Patient transport provider hacked
On June 22, DocGo, a provider of ambulatory and remote patient monitoring in the US and UK, notified UCHealth in Aurora, Colorado, that its patient transport service Ambulnz for medical facilities in Denver and Colorado Springs experienced a cyberattack that could have impacted patients.
It is the second time in two months that DocGo has been linked to a breach of its third-party patient transport services.
“This incident did not impact UCHealth’s IT systems or electronic health records,” the health system said on its website. website Wednesday.
The attack took place between April 21 and 22 and involved an unauthorized access, Ambulnz said in its report. Notification of Data Security Incidents.
“Through our analysis, we determined that some of these files contained patient information, including names along with one or more of the following: dates of birth, addresses, medical record numbers, patient account numbers, health insurance identification numbers, diagnoses and/or treatment information,” the carrier said in a statement.
A limited number of patients transported by Ambulnz may have had their citizen service numbers and driver’s license numbers stolen.
On May 7, DocGo filed a notification with the U.S. Securities and Exchange Commission regarding a recent cyberattack on the company’s IT systems that compromised U.S. patient data.
Change sends infringement notices
On June 20, Change Healthcare began forwarding emails to customers whose member or patient data was involved in a notorious February data breach, discovered after a ransomware attack took down its payment clearinghouse.
“The information that may be affected will not be the same for every affected person,” the company said in a notice posted on its website.
While the breach victim’s health insurance, billing, and claims data may have been exposed in the large-scale attack, medical record numbers, healthcare providers, diagnoses, medications, test results, images, and care and treatment plans may also have been exposed.
“To date, we have not seen full medical histories in the data review,” Change said.
According to the company, some of the people who fell victim to the cyberattack on Change Healthcare could be guarantors for healthcare service bills.
The forensic analysis of Change’s activities is extensive and has yet to be completed. The company says that more victims of the breach may be identified.
Change has placed a replacement notice on its website for its clients to provide information to members and patients, noting that the organization does not have the addresses of all known victims.
Change has established a dedicated call center for resources and information, and provides trained clinicians with the ability to provide callers with support services.
Individuals can go to Changecybersupport.com for more information and details about these resources or call the toll-free call center at (866) 262-5342, Monday through Friday, 8 a.m. to 8 p.m. CT, where trained clinicians are also available to provide support services
RansomHub Releases Florida DOH Data
100 gigabytes of data has been stolen from the Florida DOH’s network. Employee records, prescription data, screening information and more, along with social security numbers, were exposed on a Tor-based leak site. Safety Week reported on Tuesday.
RansomHub began publishing the stolen PII and PHI over the weekend after the ransomware gang’s July 5 deadline passed, the story.
The attack also disrupted the agency’s center where birth and death certificates are issued. News4JAX reported that for births after June 28, the department offers manual processing of birth certificates. Death certificates require the signature of a health care provider, in addition to the cause of death and the signature of a coroner for issuance.
LockBit attacks CAHl
Security matters reported earlier this month that LockBit took responsibility for an attack about a nonprofit organization that provides intensive care in Illinois: the 25-bed Fairfield Memorial Hospital.
Fairfield has until July 17 to pay the ransom, or the stolen data will be released on the dark web.
Andrea Fox is Editor-in-Chief of Healthcare IT News.
Email address: afox@himss.org
Healthcare IT News is a publication of HIMSS Media.