Security Breaches at Rhode Island Healthcare Provider and California Hospice Potentially Compromised PHI

Rhode Island Ear, Nose and Throat Physicians Inc. (RIENT) is informing 2,943 patients regarding the unauthorized access of a server that contained some of their health data. A hacker accessed RIENT’s network on June 19, 2019.

The provider detected the breach on the same day and secured its network. A hired third-party computer forensics company helped with the investigation to find out the nature and scope of the breach.

The hacked servers do not store the healthcare records of all RIENT patients, only the records of those who got healthcare services from May 1, 2019 to June 12, 2019. The forensic investigators did not find any evidence that indicates the viewing or copying of patient data and no reports were obtained that suggest the misuse of patient data.

For most of the impacted patients, the compromised information only included names, birth dates, and clinical data. The Social Security number of a small number of patients were also exposed.

RIENT also offered free credit monitoring and identity theft protection services to the patients who had their Social Security numbers exposed. More technical safety measures were implemented to enhance the provider’s security posture and avoid the same attacks later on.

Ransomware Attack on California Hospice

The Hospice of San Joaquin located in Stockton, CA announced that hackers infected its network with ransomware on July 2, 2019 and were able to access the servers hosting the protected health information (PHI) of some patients.

Although the attackers accessed the patient information, the hospice believes that the attackers did not view, misuse or stole any personal data.

Because unauthorized access or theft of data cannot be ruled out with certainty, the hospice notified the patients about the breach. The information of people impacted by the breach included their full name and their home address diagnoses, patient ID number, and other sensitive data.

The hospice also strengthened their security measures to avoid the same attacks later on.