Data Breaches at Legacy Community Health Services, Georgia Department of Human Services and VOXX International

Phishing Attack on Legacy Community Health Services Impacts 228,000 People

Legacy Community Health Services located is informing 228,009 patients regarding a breach that involve some of their protected health information (PHI). An unauthorized person viewed the PHI saved in an email account.

Legacy Community Health Services discovered the data breach on July 29, 2020, which was prompted by one employee’s response to a phishing email that gave away the login information to the hacker. The email account was made secure right away and a computer forensics company investigated the breach.

There is no evidence found that shows the attacker accessed email messages or stole electronic protected health information. However, the probability of data theft cannot be completely discounted. The data contained in the breached email account were patient names, service dates, and health data associated to health care at Legacy, together with the Social Security numbers of a limited number of patients. Free membership to a credit monitoring and identity protection services was given to patients whose SSN was exposed.

Legacy Community Health Services has strengthened email security since the phishing attack and the employees acquired retraining on recognizing and averting phishing emails.

Georgia Department of Human Services Reports Breach of Several Employee Email Accounts

Unauthorized persons got access to the email accounts of several Georgia Department of Human Services employees. The email accounts held the personal information and PHI of parents and kids who were part of Child Protective Services (CPS) incidents with the DHS Division of Family & Children Services (DFCS).

The Georgia Department of Human Services found out in August that the emails, which the hackers possibly accessed comprised personal information and PHI. The breach investigation showed that the unauthorized individuals obtained access to the accounts from May 3, 2020 to May 15, 2020.

The types of data compromised differed from one individual to another and might have contained full names, names of family members, relationship to the child getting services, home county, birth date, age, DFCS identification numbers, DFCS case number, frequency contacted by DFCS, an identifier that shows whether face-to-face contact was medically proper, telephone numbers, email addresses, Medicaid identification number, Medicaid medical insurance identification number, Social Security number, healthcare provider name and consultation dates.

Psychological reports, consultation notes, medical diagnoses, and substance abuse details related to 12 persons were additionally included in the breached email accounts, as well as the bank account details of one person.

Ransomware Attack on VOXX International

VOXX International Corporation has affirmed the ransomware attack it encountered on July 7, 2020 and the potential compromise of the PHI of its benefit plan members. Data stored in data files on the impacted servers contained names, email addresses, addresses, birth dates, Social Security numbers, financial account numbers, and/or medical insurance data of present and past workers, their dependents and beneficiaries.

The result of the investigation into the ransomware attack showed that the attackers acquired access to the servers from June 4, 2020 to July 7, 2020 and before the ransomware deployment, the attackers accessed some of the files stored on the servers. Upon examination of the files, they were found to have the PHI of 6,034 persons.

VOXX has already set up an endpoint threat detection and response program and is taking steps to improve network security. All impacted people were provided with free Experian’s IdentityWorks identity theft resolution services.