The California Department of Corrections and Rehabilitation (CDCR) has just learned that unauthorized persons have acquired access to its information systems. The affected system stored medical information on all persons who were examined for COVID-19 between June 2020 and January 2022, such as employees, visitors, and other people, though not inmates. The data regarding COVID-19 exams included name, address, phone number, email, birth date, and COVID-19 screening results.
Data on the system likewise enclosed the mental health details of inmates in the Mental Health Services Delivery System since 2008, and the information of people on parole who were included in substance use disorder treatment services. Some of the breached data included trust account data, Social Security Numbers, and driver’s license numbers.
The information of inmates contained the name, CDCR number, mental health background, mental health diagnosis and treatment. The data in the Trust, Restitution, Accounting, and Canteen System (TRACS) was additionally possibly involved, consisting of transaction data created by CDCR to and from trust accounts from 2008, coupled with certain trust account numbers.
CDCR stated the data breach was identified while in scheduled maintenance. The investigation didn’t affirm when the first system compromise happened; nevertheless, suspicious activity was discovered in a file transfer system dated December 2021. CDCR could not verify whether any specific information was accessed or extracted and mentioned no confirming proof was seen that indicates compromise or misuse of the exposed information.
CDCR stated processes and practices were improved to reduce the possibilities for more breaches and the affected computer system is not being utilized anymore. An alternative computer system was used having more security adjustments.
The breach is not yet published on the HHS’ Office for Civil Rights Breach Website therefore it is presently not clear how many persons were impacted.
Lamoille Health Partners Affected by Ransomware Attack
Lamoille Health Partners located in Vermont has lately reported that it experienced a ransomware attack last June 13, 2022. It took immediate action to stop continuing unauthorized access to its networks. A third-party digital forensics company assisted with the investigation. Lamoille Health Partners mentioned it can safely recover the encrypted files from backup copies thus no ransom was compensated; nonetheless, the forensic investigation affirmed that the attackers acquired access to its systems from June 12, 2022 to June 13, 2022. At that time it’s possible that files comprising patients’ protected health information (PHI) may have been accessed or obtained.
On June 24, 2022, Lamoille Health Partners confirmed that the records that might have been viewed contained patient data including names, birth dates, addresses, medical insurance details, medical treatment data, and Social Security numbers. 59,381 people were advised about the compromise of their PHI. Free identity protection and credit monitoring services were given to persons whose Social Security numbers were compromised.