Getty Images/iStockphoto

Harrisburg Medical Center Data Breach Impacts 147K Individuals

Harrisburg Medical Center recently disclosed a year-old data breach in which a threat actor potentially gained access to sensitive documents.

Illinois-based Harrisburg Medical Center (HMC) filed a data breach notice with the Maine Attorney General’s Office regarding a December 2022 breach. The breach impacted 147,826 individuals in total.

HMC’s notice to patients stated that it discovered unusual activity on its computer network on December 23, 2022 and promptly launched an investigation. The investigation determined that an unauthorized party accessed HMC’s systems from December 19 to December 23 and potentially acquired certain documents.

The document review, which concluded in August 2023, concluded that the compromised information may have included names, Social Security numbers, clinical information, digital signatures, financial account numbers, and driver’s license numbers.

“In addition to the actions described above, we have taken steps to reduce the risk of this type of incident occurring in the future, including enhancing our technical security measures,” HMC stated.

HMC said it had no evidence that any personal information had been misused as a result of this breach but encouraged impacted individuals to take advantage of its identity theft protection services.

Heart of Texas Behavioral Health Network Suffers Data Breach

Heart of Texas Behavioral Health Network (HOTBHN) notified 63,776 individuals of a data breach that occurred in October 2023.

On October 22, HOTBHN discovered that an unauthorized party had gained access to its network environment. The provider immediately shut off all network access and engaged an incident response firm.

HOTBHN has not found any evidence that any patient information was misused but did determine that some information may have been exposed to an unauthorized third party, including names, addresses, Social Security numbers, health insurance policy numbers, and medical treatment information.

The types of information involved in the breach varied by individual.

“Data security is one of our highest priorities,” HOTBHN assured patients. “Upon detecting this incident we moved quickly to initiate a response, which included conducting an investigation with the assistance of IT specialists and confirming the security of our network environment. We have also reviewed and enhanced our technical safeguards to prevent a similar incident.”

Regional Family Medicine Breach Impacts 80K

Arkansas-based Regional Family Medicine informed 80,166 individuals of a data breach that resulted in an IT outage that disrupted access to certain local systems in June 2023.

Further investigation revealed that an unauthorized party gained access to Regional Family Medicine’s network between June 8 and June 26 and potentially acquired certain files containing information about employees and patients.

It was not until October 13 that Regional Family determined who was impacted by the breach and began obtaining addresses to notify the victims.

Regional Family Medicine offered credit monitoring services to all impacted individuals and implemented enhanced security measures to prevent a similar incident from occurring in the future.

Next Steps

Dig Deeper on Healthcare data breaches