The California Department of Corrections and Rehabilitation (CDCR) has lately found out that unauthorized individuals have acquired access to one of its information systems. The breached system held medical information on all people who were screened for COVID-19 between June 2020 and January 2022, which include staff members, visitors, and other persons, although not inmates. The data associated with COVID-19 screenings included name, personal address, telephone number, email, date of birth, and COVID-19 testing results.
Records on the system also held the mental health data of inmates in the Mental Health Services Delivery System from 2008, along with the information of persons on parole who were involved in substance use disorder treatment programs. Some of the compromised data included trust account details, driver’s license numbers, and Social Security Numbers.
The information of inmates comprised name, CDCR number, mental health history, mental health treatment, and mental health diagnosis. The data in the Trust, Restitution, Accounting, and Canteen System (TRACS) was likewise likely involved, including transaction data made by CDCR to and from trust accounts dating back to 2008, together with some trust account numbers.
CDCR mentioned the data breach was uncovered during routine maintenance. The investigation did not confirm when the first system compromise happened; nevertheless, suspicious activity was noticed in a file transfer system from December 2021. CDCR cannot affirm whether any specific information was accessed or exfiltrated and stated no corroborating evidence was observed that suggests compromise or misuse of any exposed information.
CDCR mentioned procedures and practices were modified to control the chances of other breaches and the affected computer system is not being used anymore. A substitute computer system was employed that has more security settings.
The incident is not yet posted on the HHS’ Office for Civil Rights Breach Portal therefore it is still uncertain how many people were impacted.
Lamoille Health Partners Suffers Ransomware Attack
Lamoille Health Partners based in Vermont has just announced that it encountered a ransomware attack on June 13, 2022. It took prompt action to avoid further unauthorized access to its systems. A third-party digital forensics firm helped with the investigation. Lamoille Health Partners stated it could securely restore the encrypted files from backup files thus no ransom was given; nonetheless, the forensic investigation confirmed that the attackers got access to its systems from June 12, 2022 to June 13, 2022. During that time it is possible that files that contain patients’ protected health information (PHI) may have been accessed or obtained.
On June 24, 2022, Lamoille Health Partners affirmed that the records that might have been viewed had patient data like names, dates of birth, addresses, health insurance data, medical treatment details, and Social Security numbers. 59,381 persons were informed about the exposure of their PHI. Complimentary identity protection and credit monitoring services were provided to people whose Social Security numbers were exposed.