Two healthcare organizations have begun sending out breach notification letters to thousands of people in California and Arizona after both revealed that sensitive information — including social security numbers, treatment information and diagnosis data — were accessed during recent cyberattacks.
LifeLong Medical Care, a California health center, is sending letters to about 115,000 people about a ransomware attack that took place on November 24, 2020.
The letter does not say which ransomware group was involved but said Netgain, a third-party vendor that provides services to LifeLong Medical Care, “discovered anomalous network activity” and only determined it was a ransomware attack by February 25, 2021.
It took until August 9, 2021 for Netgain and LifeLong Medical Care to complete their investigation, and the companies eventually found that full names, Social Security numbers, dates of birth, patient cardholder numbers, treatment and diagnosis information was “accessed and/or acquired” during the attacks.
LifeLong Medical Care urged those affected
The article Healthcare orgs in California, Arizona send out breach letters for nearly 150,000 after SSNs accessed during ransomware attacks originally appeared on ZDNet.