The Michigan law firm, Warner Norcross and Judd LLP, has released notification letters to 255,160 persons informing them about a data breach in October 2021 causing the likely access and extraction of files that contain their personal information and protected health information (PHI). The breach was discovered on October 22, 2021. In the substitute breach notice, there was no statement about when, and for how much time, unauthorized people got access to its networks.
A digital forensics agency assisted to look into the character and extent of the security breach and performed a programmatic and manual evaluation of the records on the affected sections of its system. The assessment affirmed that the files included information for instance names, dates of birth, government-issued IDs, Social Security numbers, driver’s license numbers, yearly payment amounts, benefit contribution data, credit or debit card numbers, debit card or credit card PINs, routing or financial account numbers, patient account numbers, passport numbers, health data, and life insurance policy details.
The Michigan Law company mailed notification letters to impacted persons in August and gave tips on things that people can undertake to minimize the risk of identity theft and fraud, yet it would look that credit monitoring and identity theft protection services aren’t on offer. The law organization mentioned it shall take steps to strengthen security to avert other data breaches.
Medical Imaging Providers Report PHI Breach
Gateway Diagnostic Imaging, a company managing 12 medical imaging services in North Texas, and Radiology Ltd, a medical imaging firm located in Tucson, AZ, have lately commenced informing selected patients concerning a breach of systems that held patient records. The security breach was noticed on December 24, 2021, and the ensuing forensic investigation established that unauthorized persons acquired access to its systems from December 17 to December 24, 2021.
The data on the impacted systems comprised data including names, Social Security numbers, birth dates, addresses, medical insurance data, patient account numbers, medical record numbers, doctor names, dates of service, and details linked to the radiology services given.
As a preventative measure against identity theft and fraud, the firm provided the affected people a free one-year membership to the credit monitoring and identity theft protection service via Equifax Credit Watch Gold. Supplemental safety measures are likewise being put in place to stop more security breaches, and changes were made to its tracking functions.
The breach report isn’t published yet on the HHS’ Office for Civil Rights Breach website thus it is uncertain at this time how many people were impacted.
Health Insurers Confirm the Compromise of Members’ PHI During OneTouchPoint Data Breach
Over the last couple of weeks, a number of health plans have stated that their members’ (PHI) was breached during a ransomware attack on OneTouchPoint. The printing and mailing provider lately affirmed to the Maine Attorney General the compromise of the PHI of 2.65 million people was in the attack. At first, the breach report submitted to the Maine Attorney General indicated that around 1.1 million individuals were affected.
Arkansas Blue Cross and Blue Shield lately informed the HHS’ Office for Civil Rights about the compromise of the PHI of 8,871 members in the attack. Medical Mutual of Ohio has reported that the breach affected 1,377 members.