Data Breaches Announced by the Onyx Technologies, San Diego American Indian Health Center, and New Jersey Department of Health

Onyx Technologies located in Largo, MD, a firm providing IT and Consulting Services and a vendor of Independent Care Health Plan (iCare), lately advised 96,814 health plan members concerning the likely exposure of some of their protected health information (PHI).

Onyx learned on June 28, 2022 that unauthorized persons had accessed its computer systems and may have obtained access to the PHI of iCare members, such as names, birth dates, addresses, telephone numbers, iCare member ID numbers, Medicare ID Numbers, dates of service, and names of the provider.

Onyx stated that an evaluation of its computer networks was quickly carried out, and a security agency helped with the analysis. Systems access was recovered on July 7, 2022. As per Onyx, a server may have been taken out or accessed starting on March 29, 2022 and ending on June 28, 2022. On July 15, 2022, the security company discovered that certain information associated with members might have been viewed.

Onyx mentioned it didn’t uncover any proof that indicates any of the impacted data was identified. Impacted persons were provided complimentary two-year credit monitoring and identity theft protection services.

27,367 Individuals Affected by San Diego American Indian Health Center Breach

San Diego American Indian Health Center has informed 27,367 present and past patients that unauthorized people acquired access to areas of its network and exfiltrated files that contain some of their PHI.

The health center discovered the security breach on May 5, 2022, and took prompt steps to safeguard the system and avoid further unauthorized access. The investigation by a digital forensics agency affirmed on July 22, 2022 the compromise of patient information, such as names, driver’s license numbers, state identification card numbers, tribal ID card numbers, medical details, medical insurance data, dates of birth, and Social Security numbers.

San Diego American Indian Health Center stated it is not aware of any actual or attempted misuse of patient data. Impacted persons have been given free credit monitoring and identity protection services and action had been undertaken to strengthen security to stop more data breaches.

New Jersey Department of Health Warns Patients Concerning Vendor Data Breach

The New Jersey Department of Health, Division of Behavioral Health Services lately reported on the theft of the protected health information of a number of patients of Trenton Psychiatric Hospital and the Anne Klein Forensic Center in a security incident that occurred at a vendor offering the hospitals medical translation and dictation services.

Unauthorized people obtained access to sections of the vendor’s systems and extracted files that contained the PHI of patients. The vendor advised the NJ Department of Health concerning the information breach on June 30, 2022. It is presently unclear which vendor was affected, the types of data exposed, and the number of persons impacted by the data breach. The affected hospitals will inform the patients directly when they are impacted.