Welcome to the Patronus Security Blog. This is the introduction to the weekly series highlighting a few breaches that have occurred in the past week or so. In most cases, the cases highlighted will be those that have been reported on the Office for Civil Rights breach database and will highlight data in our published breach dashboard. I hope you enjoy this weekly feature. And please subscribe below to get a weekly update in your inbox of Weekly Breach News and a summary of other posts on the Patronus Security blog.
Trinity Health – 586,869 records
On April 5th, the OCR published the breach of Michigan-based Trinity Health regarding the compromise of the private information of 586,869 patients. The data was stolen as the result of an attack on Accellion, a third-party file sharing service. Accellion now faces at least 14 separate lawsuits as a result of the breach. The hackers were able to exploit four known, unpatched vulnerabilities in Accelions software and gained access to their customers’ and patients’ data for several days allowing the hackers to steal the patient information. While the exact number of records across all companies has not been reported, it certainly numbers in the millions. Accellion clients began receiving extortion demands in January. Other notable companies of the over 100 impacted by the breach include Jones Day, Kroger, and Southern Illinois University. Accellion clients began receiving extortion emails in January. The attackers threatened to publish the stolen data if the victims did not pay the demands.
Total Health Care – 221,454 records
On April 5th, the OCR reported the breach or potential breach of 221454 patient records by Total Health Care a health plan based in Detroit Michigan. Total Health Care reported on its website that it had “experienced a cybersecurity incident that involved unauthorized access to several employee email accounts. Those email accounts contained sensitive personal information about the company’s members and physician partners…The emails may have included your Social Security number and/or member ID, claims information or your name, date of birth, and address.”
Bricker and Eckler – 450,532 records
On April 2nd, the OCR reported that the law firm of Bricker and Eckler, had undergone a ransomware attack that potentially compromised the sensitive information of 420532. The law firm on its website reported that “On January 31, 2021, Bricker learned that it was the target of a ransomware attack. Upon learning of the incident, Bricker immediately took measures to contain the incident, launched an investigation, and third-party cybersecurity forensic experts were engaged to assist.”