Salusive Health, the creator of the myNurse platform which assists doctor practices to simplify disease management, has encountered a cyberattack whereby patient information was affected.
In the Salusive Health’s breach notification letters mailed to patients, it mentioned that it discovered unauthorized activity inside its computer system on March 7, 2022, and quickly enforced containment, mitigation, and restoration initiatives, and had third-party cybersecurity specialists to give assistance with those steps. The investigation established that unauthorized persons accessed the personal data and protected health information (PHI) of patients, including name, telephone number, gender, home address, email address, birth date, medical background, diagnosis and treatment data, dates of service, laboratory test findings, prescription details, medical account number, name of provider, group plan provider, health insurance policy and group plan number, and claim data.
Salusive Health stated it enforced more security steps to stop more breaches, has informed impacted persons and provided complimentary identity theft protection services, and sent a report regarding the cyberattack to the FBI. The incident is not yet published on the HHS’ Office for Civil Rights’ breach site, therefore it is uncertain at this period how many people were affected.
Salusive Health additionally revealed in the breach notification letters that the hard decision was considered to stop clinical operations on May 31, 2022, which will permit patients to pass their chronic care management and remote tracking services back to their primary care doctors. Salusive Health mentioned the choice to end operations is not related to the data security incident.
24,000 Patients Impacted by New Creation Counseling Center Ransomware Attack
New Creation Counseling Center (NCCC) located in Tipp City, OH, has lately begun informing 24,029 patients that some of their PHI were possibly exposed in a recent cyberattack.
NCCC detected a compromise of its IT networks on February 13, 2022 because its users are unable to access files on the network. The center promptly had taken steps to stop more unauthorized access and began an investigation to find out the nature and magnitude of the breach. NCCC affirmed the use of ransomware to encrypt data files and helped third-party cybersecurity specialists with the response and recovery.
NCCC stated that it continued to give health care to patients all the way through and that the ransomware has been removed from its programs. Although the investigation didn’t uncover any proof of information theft, it wasn’t possible to ignore it. An assessment of files on the impacted systems affirmed they included names, telephone numbers, addresses, email addresses, dates of birth, Social Security numbers, medical insurance details, intake forms, clinical releases, and treatment information.
Breach notifications had been mailed to impacted people starting on April 12, 2022, and 12 months of credit monitoring services were provided to patients without cost.