
Third-Party Data Breaches Continue to Dominate Breach Notifications

The MOVEit hack and other third-party data breaches continue to impact healthcare entities across the country, this week’s data breach roundup shows.

This week, Singing River Health System in Mississippi is actively facing system downtime as it investigates a cyberattack on its network. What’s more, Prospect Medical Holdings, which operates 16 hospitals and more than 165 clinics across Southern California, Rhode Island, Pennsylvania, and Connecticut, is still experiencing a systemwide outage that began on August 9.

As these incidents continue to develop, other entities have continued to report confirmed data breaches to HHS, as exemplified in this week’s data breach roundup. Incidents at third-party vendors continue to dominate breach notifications, causing breaches across the country.

Texas Public Mental Health Authority Suffers From MOVEit Hack

The Harris Center for Mental Health and IDD notified 599,367 individuals of a breach stemming from the MOVEit Transfer hack. As previously reported, MOVEit disclosed the vulnerability on May 31 and issued a patch on the same day.

The Harris Center, which is the public mental health authority for Harris County, Texas, said that it does not directly use MOVEit, but one of its third-party vendors does.

“Upon learning of the incident at our service provider, we promptly began an investigation and worked closely with our service provider to ensure that they were taking steps to further secure our information,” the notice to patients stated.

“Our investigation determined that the third parties gained access to certain The Harris Center documents. This incident did not involve unauthorized access to any The Harris Center systems.”

The information involved in the incident included names, addresses, Social Security numbers, dates of birth, health insurance information, and protected health information.

Data Media Associates Notifies Healthcare Entities of MOVEit Breach

Data Media Associates (DMA), which provides revenue cycle management solutions to the healthcare industry, informed an undisclosed number of individuals about the MOVEit hack, which impacted its data.

After learning of the Cybersecurity and Infrastructure Security Agency’s (CISA) alert about the vulnerability impacting MOVEit Transfer, DMA said it took immediate steps to patch its MOVEit system and launched an investigation.

The investigation determined that certain data may have been acquired without authorization, including names, addresses, high-level medical and health insurance information, and health insurance ID numbers, which may be the same as Social Security numbers.

“DMA takes the security and privacy of individuals' information very seriously,” DMA stated.

“It has taken all remediation measures recommended by the MOVEit software developers and will be evaluating additional safeguards that can be put in place to further enhance the security of the data entrusted to it.”

AZ Blue Notifies 47K of TMG Health Breach

Blue Cross Blue Shield of Arizona (AZ Blue) recently notified 47,485 individuals of a cyberattack that occurred at one of its vendors, TMG Health. TMG Health provides data services to AZ Blue in regard to enrollment-related files.

As previously reported, VNS Health Plans notified more than 100,000 individuals of the breach at TMG Health, which impacted the health plan’s beneficiaries.

On June 21, TMG Health discovered that it had fallen victim to a cyberattack in which an unauthorized party downloaded data. For AZ Blue members, the data potentially included member IDs, addresses, email addresses, phone numbers, dates of birth, Social Security numbers, and banking information. The breach did not impact AZ Blue systems directly.

“TMG Health is also continuing to monitor its systems, and it is updating its systems to try to prevent this from happening again. The company is committed to maintaining the privacy and security of your information and is taking this incident very seriously,” AZ Blue assured members.

350K Individuals Impacted by CentroMed Breach

CentroMed, also known as El Centro del Barrio, notified 350,000 individuals of a data breach that occurred in June 2023. CentroMed operates a network of integrated primary care clinics across San Antonio, Texas.

On June 12, CentroMed discovered potential unauthorized activity within its IT network. CentroMed later determined that an unauthorized third party had accessed files containing information pertaining to current and former patients, employees, and employee spouses and dependents.

The information involved in the incident varied by individual but may have included names, addresses, Social Security numbers, financial account information, health insurance plan member IDs, and claims data.

CentroMed has since notified all impacted individuals and implemented additional safeguards to protect its systems.
