Data Breaches at Agency for Community Treatment Services, Leon Medical Centers and Proliance Surgeons

Agency for Community Treatment Services, Inc. (ACTS) based in Tampa, FL is informing some patients about the potential comprimise of some of their protected health information (PHI) due to a cyberattack in October 21, 2020.

The security breach was discovered on October 23 upon deployment of the ransomware (|occurred}. The hackers acquired access to portions of the ACTS server and data networks and did file encryption to block access. Systems had to be taken offline to stop unauthorized access. To find out the scope of the breach, third-party computer forensic specialists investigated the matter .

Though it’s possible that there was unauthorized data access, the investigators did not find any proof to indicate the access or exfiltration of patient information. ACTS mentioned that this was because of the attackers making considerable efforts to hide their malicious activity. The attackers may consequently have accessed or gotten information saved on the breached systems.

The assessment of the compromised systems revealed that they held patient names, birth dates, Social Security numbers, and medical data that contain data such as diagnoses, treatment information, and health insurance data associated with the services obtained by patients from 2000 and 2013.

ACTS could bring back the encrypted data using backups and no ransom was paid. It took steps after the incident to reinforce security and avoid other attacks. Since patient information may have been exposed, ACTS is giving all affected people complimentary credit monitoring and identity theft protection services.

Conti Ransomware at Leon Medical Centers Attacked

Leon Medical Centers, a network of 8 medical centers in Miami and Hialeah in Florida, encountered a Conti ransomware attack. The attackers stole the protected health information of patients prior to the deployment of ransomware and issued a ransom demand with a threat to publish the stolen information of patients.

The attackers claimed the stolen data included names of patients, addresses, diagnoses, treatment data, medical insurance details, patient images and Social Security numbers. They assert to have obtained the PHI of over 1 million patients, though Leon Medical Centers debunked that statement and said the amount of stolen information was very overstated.

The attack happened before December 22, 2020 and Leon Medical Centers is still looking into the incident. At this time it is not clear precisely what data was stolen and how many patients were impacted.

Proliance Surgeons Announce Corporate Website Breach

The corporate website of Proliance Surgeons based in Seattle, WA suffered a breach resulting in the likely theft of payment card information. The surgical practice explained in a December 23, 2020 breach notice that attackers had accessed the website between November 13, 2019 to June 24, 2020. During that time frame, the attackers possibly accessed and gotten cardholder names, card numbers, zip codes, and expiry dates. No other PHI was compromised. The breach only affected individuals who paid for services on the internet, not persons who paid in person or over the phone.

The cause of the breach has been identified and addressed and a new website with a different payment platform has been implemented, which has superior security protections. Proliance has coordinated with the major payment card providers to prevent unauthorized charges on the affected cards. Individuals affected by the breach have been advised to check their statements carefully and to report any unauthorized charges to their card provider.