Vitalii Gulenok/istock via Getty

Elitecare Emergency Hospital suffers healthcare data breach

Elitecare Emergency Hospital in Texas suffered a healthcare data breach that affected more than 24,000 individuals.

Elitecare Emergency Hospital notified 24,754 individuals of a cybersecurity incident that resulted in a healthcare data breach. Elitecare provides 24-hour pediatric urgent care and adult emergency hospital services in League City, Texas, and its surrounding areas.

The organization detected suspicious activity within its computer systems on July 10, 2024, and immediately disconnected its systems. Further investigation revealed that an unauthorized party accessed protected health information. Elitecare said it had not found evidence that the incident had spread beyond the initial intruder.

The breached data included health insurance information, medical information, billing and claims information and other personal data, such as Social Security numbers and driver's license numbers. Elitecare immediately engaged with external experts and law enforcement to contain and investigate the incident.

"Elitecare, along with leading external industry experts, continue to monitor the internet and dark web for any indication that the affected personal information is being circulated. To date, we have seen no indications," Elitecare stated in a HIPAA substitute notice.

"Following the incident, Elitecare has reinforced its policies and implemented additional technological safeguards to reduce the risk of similar incidents in the future."

Elitecare offered credit monitoring and identity theft protection services to affected individuals and encouraged them to remain vigilant.

UT Southwestern Medical Center suffers data breach

UT Southwestern Medical Center in Dallas, Texas suffered a data breach in August 2024, according to a breach notice posted on its website. The leading academic medical center said it learned of unauthorized access to patient information on Aug. 12, 2024.

The unauthorized party accessed information within its Frisco medical office building. The potentially breached information included names, addresses, Social Security numbers, driver's license numbers, health insurance information, medical information, and dates of birth.

UT Southwestern Medical Center said it was not aware of any misuse of the affected data. The medical center encouraged affected individuals, who have already been notified, to contact UT Southwestern for any assistance or questions regarding the incident.

Richland County, Wis. notifies 76K individuals of 2023 data breach

Richland County, Wis., a county of approximately 17,000 individuals, suffered a healthcare data breach that affected upwards of 76,000 individuals. Although Richland County discovered the breach in October 2023, it did not file a breach report with HHS until September 2024.

According to the breach notice, Richland County detected unauthorized access to its network on Oct. 4, 2023. The county immediately launched an investigation. In August 2024, investigators determined that the unauthorized party accessed certain files containing personal information throughout October 2023.

The files contained names, dates of birth and death, Social Security numbers, tax identification numbers, financial account numbers, usernames and passwords, license plate numbers, passport numbers, medical information, prescription information, and biometric information.

Richland County said it had no evidence that any of the affected information had been used for identity theft or financial fraud but offered several resources for monitoring credit reports and protecting medical information.

Jill McKeon has covered healthcare cybersecurity and privacy news since 2021.

Next Steps

UMC Health System suffers ransomware attack, IT outage

Dig Deeper on Healthcare data breaches