Data Breaches Announced by Jefferson Health and Allegheny Health Network Home Infusion

Ransomware Attack on Vendor Affected Allegheny Health Network Home Infusion Patients

Allegheny Health Network Home Infusion based in Pittsburgh, PA was informed regarding a ransomware attack on Vantage Healthcare Network, Inc., one of its vendors

On October 17, 2021, Vantage noticed suspicious activity inside its network and employed a third-party cybersecurity company to look into the security breach. AHN Home Infusion received advice on November 22, 2021, that the ransomware gang got access to systems containing patient data. The attackers exfiltrated some content prior to encryption.

AHN Home Infusion performed its own investigation together with Vantage to find out which patients were affected, and the types of information that was exposed. The following types of data had likely been accessed or exfiltrated in the data breach:

Names, billing data, prescription medications, nurse’s notes, patient referral details, treatment and therapy notes, scheduling data, medical device orders, and some Social Security numbers.

AHN Home Infusion stated the investigation into the incident and the document assessment is in progress. To date, there are no hints that any patient data has been or will be inappropriately used.

Vantage has reported that it has retrieved all files encrypted during the attack. Those who had their Social Security numbers compromised will be provided complimentary credit monitoring services. The provider has submitted the breach report to the HHS’ Office for Civil Rights indicating that 7,500 individuals were impacted.

Hacker Acquired Access to Jefferson Health Insurance Portal

Jefferson Health in Philadelphia, PA has found out that unauthorized persons acquired access to an online health insurance website that was employed to submit billing details for payment. The breach occurred on November 18, 2021, and the threat actor attempted to reroute wire payments meant for Jefferson Health.

On November 22, 2021, the insurance company found out the attacker got a remittance record that included the billing details of 3,475 patients of Abington Memorial Hospital, and 5,239 Thomas Jefferson University Hospital patients. The remittance document contained names, month and year of birth, service date(s), treatment codes, and treatment fees. There was no compromise of Social Security numbers, medical insurance data, financial account data, or other treatment details.

Jefferson Health has distributed breach notification letters to affected people and explained it is assessing and improving its security practices.