Cyberattacks on AmeriBen, DMS Health Technologies and More Companies Affected by MOVEit Hack

Email Incident at AmeriBen Exposed the PHI of About 75,000 People

Medical benefits administration services provider IEC Group, Inc., dba AmeriBen, recently submitted an email data breach report to the HHS’ Office for Civil Rights that impacted around 74,884 persons. The report indicated an unauthorized access/disclosure incident. There is no mention in the breach notice if an unauthorized third party or an insider was responsible for the incident.

AmeriBen stated it believes there will be no misuse of any of the exposed data yet has instructed the impacted persons to keep an eye on their Explanation of Benefits statements as a safety measure. The email account included protected health information (PHI) like the first and last names of employees, claimants first and last names, employer CERT codes, case numbers, names of providers, provider city, claim number, internal INEL codes, date(s) of service, and amounts invoiced and paid.

Ransomware Attack on Law Agency Impacted Delta Dental of California

The PHI of Delta Dental of California patients was compromised in a cyberattack encountered by its legal adviser, Orrick, Herrington & Sutcliffe. From February 28 to March 13, 2023, an unauthorized third party accessed the system of the law firm where it stored files that included personal data and PHI.

The data possibly exposed includes names, addresses, birth dates, dental insurance policies, healthcare provider data, and some dental diagnoses and treatment-associated data. Orrick, Herrington & Sutcliffe sent notifications by mail to the impacted persons and offered free credit monitoring services for 2 years.

The incident is already published on the Office for Civil Rights breach portal indicating that at least 500 persons were affected. A lawsuit was filed recently because of this data breach claiming that the PHI of 152,818 people was exposed in an incident involving a ransomware attack.

Cyberattack on Imaging Vendor Impacts Sanford Health

Sanford Health recently notified some patients about the exposure of some of their PHI in a security incident that happened at DMS Health Technologies, its imaging supplier. On April 23, 2023, DMS Health Technologies noticed suspicious activity in its computer network. The forensic investigation affirmed that unauthorized persons got access to its system from March 27 to April 24, 2023, and within that time period, sensitive client information was compromised. Sanford Health stated there was limited exposed data including names, dates of birth, dates of service, doctor names, and types of exam. The incident affected 21,211 Sanford Health patients.

Nuance Communications: MOVEit Hack Affected 13 Healthcare Clients In North Carolina

Nuance Communications, a computer software company owned by Microsoft providing software program for sharing radiology records between providers, recently reported that it was impacted by the mass hacking of a zero-day vulnerability in the MOVEit Transfer file transfer solution of Progress Software. Progress Software notified Nuance on May 31, 2023, that a formerly unknown vulnerability was discovered and a patch was made available to correct the problem; nevertheless, the Clop group already exploited the vulnerability from May 28 to 29.

The information stolen during the attack contained these types of data: name, email address, address, gender, date of birth, date(s) of service, service locations, names of practitioners, imaging reports, diagnoses, treatments offered, medicine dosages, patient identifiers like medical record numbers, names of relatives, power of attorney names, medical insurance numbers, diagnostic study identifiers (study UID, accession number) and patient identifiers like medical record number. There were no diagnostic photos compromised.

Nuance reported the data breach as representative of the following 13 healthcare clients:

  • Atrium Health based in Charlotte, a healthcare system giant
  • Catawba Valley Medical Center in Hickory
  • Charlotte Radiology
  • DLP Central Carolina Medical Center in Sanford
  • Duke University Health System
  • ECU Health based in Greenville
  • FirstHealth of the Carolinas based in Pinehurst
  • Mission Health System based in Asheville
  • Novant Health based in Winston-Salem
  • Novant Health New Hanover Regional Medical Center based in Wilmington
  • UNC Health based in Chapel Hill
  • Wake Radiology Diagnostic Imaging based in Raleigh
  • WakeMed Health & Hospitals based in Raleigh

St Luke’s Health System based in Idaho also reported that the incident at Nuance compromised the data of 4,679 patients, but opted to send its own breach notifications.

MOVEit Hack Also Affected Indiana University Health, Serco Inc., and the American National Group

Indiana University Health has informed 21,383 health plan members about the compromise of some of their PHI when the Clop group exploited the MOVEit Transfer solution that its claims processing vendor, TMG Health was using. The data breach merely impacted IU Health Plans Medicare Advantage members. The stolen data during the attack contained member names, member ID numbers, effective dates of plans, and the banking account and routing numbers in some circumstances.

Serco Inc.
Serco Inc. Group Health Plan has announced the compromise of the PHI of 10,140 group health plan members. CBIZ, its benefits administration services provider, used the MOVEit Transfer solution. The data compromised during the incident involved names, birth dates, addresses, Social Security numbers, Serco and/or personal e-mail addresses, and the health benefits for the year selected.

American National Group

American National Group has reported that it was impacted by the mass hack of the MOVEit Transfer vulnerability that happened on May 28, 2023. The breach incident impacted 47,711 persons and the data stolen included names, birth dates, addresses, and Social Security numbers. Impacted persons were provided credit monitoring services for 2 years.

About the Author

Elizabeth Hernandez
Elizabeth Hernandez is the editor of HIPAA News. Elizabeth is an experienced journalist who has worked in the healthcare sector for several years. Her expertise is not limited to general healthcare reporting but extends to specialized areas of healthcare compliance and HIPAA compliance. Elizabeth's knowledge in these areas has made her a reliable source for information on the complexities of healthcare regulations. Elizabeth's contribution to the field extends to helping readers understand the importance of patient privacy and secure handling of health information. Elizabeth holds a postgraduate degree in journalism. You can follow Elizabeth on twitter at