Data Breaches at Behavioral Health Network and Rite Aid Corporation

Behavioral Health Network (BHN) in Western Massachusetts, a provider of behavioral health services, submitted a breach report involving a malware attack that resulted in the inaccessibility of files on its computer systems.

BHN became aware of the data breach on May 28, 2020 when its personnel were unable to access its files. The incident was investigated right away to figure out the extent of the attack and the probability of data exfiltration by the attacker. Around July 17, 2020, BHN affirmed the unauthorized access of its systems by someone two days before the malware attack on May 26.

The investigators cannot confirm any data theft prior to malware deployment, however, the odds of it cannot be ruled out. BHN did not receive any report to date of any patient data misuse.

The breached systems audit confirmed the potential exposure of 129,571 current and former patients’ protected health information (PHI). The attacker may have accessed patient information such as names, addresses, birth dates, health insurance claim information and/or medical/diagnosis/treatment records, and Social Security numbers.

As a security measure, BHN provided the affected patients with free credit monitoring and identity theft protection services. In order to avoid the same data breaches from happening again, the provider looked over its policies and procedures, provided its staff further training about data privacy and security, and enforced added safety measures to prevent unauthorized systems access in the future.

Potential Exposure of PHI of 9,200 Rite Aid Clients

Rite Aid Corporation reported that 9,200 of its clients’ PHI was potentially compromised during a civil unrest period that happened in May. Rite Aid pharmacies had a few break-ins on May 27 and after that day. The intruders stole the prescription medication orders which are about to be collected; they also took the hard copies of prescription details with some customer information such as their names and addresses and the details of prescribed medications.

Aside from Rite Aid, other pharmacies, such as Walmart, Walgreens, Cub, CVS, and Kroger pharmacies, had encountered break-ins and burglary.