Cyberattacks Reported by UT Southwestern Medical Center, Family Vision of Anderson, and Other Healthcare Providers

98,000 UT Southwestern Medical Center Patients Affected by MOVEit Cyberattack

UT Southwestern Medical Center (UTSW) has reported the theft of the protected health information (PHI) of 98,437 patients in a cyberattack that occurred on May 28, 2023. The Clop ransomware group took advantage of a zero-day vulnerability found in Progress Software’s MOVEit file transfer program, acquired access to UTSW’s MOVEit server, and extracted files that included names, birth dates, medical record numbers, medicine names, medication doses, names of prescribing provider. The Social Security numbers of some of the impacted persons had been stolen as well. Progress Software informed UTSW about the cyberattack on May 30, 2023. UTSW immediately patched the exploited vulnerability.

The German cybersecurity company KonBriefing reported recently that its data indicates no less than 455 companies were targeted in this cyberattack, and around 23 million persons were impacted. The Clop group recently began publishing victim information on its clear web data leak site.

Family Vision of Anderson Encounters Ransomware Attack

Family Vision of Anderson located in South Carolina encountered a ransomware attack in May 2023. A ransom note that was discovered on its computer on May 28, 2023 indicated that files were encrypted. Computer systems were taken offline right away to stop continuing unauthorized access, and respective authorities were informed. The US Secret Service helped with the investigation and confirmed the use of ransomware that encrypted files on May 21.

The attackers might have acquired files that contain the data of patients along with their family members, such as names, birth dates, gender, driver’s license numbers, Social Security numbers, phone numbers, email addresses, medical record numbers, medical insurance details, allergies and other health history details, scheduled optometrist names, appointment dates, optometry eye scans, and optometry prescription medications. Security is improved, and staff is given extra training. Family Vision of Anderson reported the breach to the HHS’ Office for Civil Rights indicating that around 62,631 persons were affected. Notification letters were sent and impacted people were provided free identity theft protection services.

LifeWorks Wellness Center Hacking Incident Impacts 17,000 Individuals

LifeWorks Wellness Center located in Clearwater, FL just submitted a data breach report to the Maine Attorney General indicating that 17,000 patients were affected. Hackers accessed its internal file system on or about May 20, 2023. The forensic investigation revealed that files made up of patient records were viewed, and might have been stolen. LifeWorks stated the hackers failed to access its patient database which contains medical and treatment data. The breached servers contained the data of present and past patients and workers including names, credit card numbers, Social Security numbers, health ID codes, and medical ailments and diagnoses. LifeWorks stated it has enforced extra security measures to stop the same breaches later on.

Employee Email Account Breach at UC Davis Health

On May 24, 2023, it was confirmed by UC Davis Health in Sacramento, CA that an unauthorized individual accessed an employee’s email account. The employee utilized their company email account to arrange follow-up care for patients. The email account contained limited PHI. The forensic investigation revealed that just one email account was compromised, and the breach was discovered immediately by its IT security solutions; nevertheless, it is likely that sensitive information was stolen. Impacted persons were provided free credit monitoring services for one year and the employee involved has been given extra email security training. The incident is not yet posted on the HHS’ Office for Civil Rights Breach website, therefore it is presently uncertain how many persons were impacted.

Paramedic Billing Services Reports Hackers Had Access to Patient Data

Paramedic Billing Services based in Elmhurst, IL has just reported that it encountered a cyberattack at the end of May 2023. It identified suspicious activity in its computer systems, which was promptly secured to stop more unauthorized access. On June 23, 2023, it was confirmed by Paramedic Billing Services that an unauthorized third party got access to systems that contain PHI and might have stolen selected files from its programs. Those data files contained names, contact details, birth dates, medical data, medical insurance details, driver’s license/state ID numbers, Social Security numbers, financial account data, and payment card details.

The file analysis is in progress, thus the total number of impacted persons is still not known. Paramedic Billing Services has reported the incident to the HHS’ Office for Civil Rights indicating that at least 501 persons were affected. The company will send notification letters to affected persons when the analysis is finished. Paramedic Billing Services stated its current guidelines and procedures associated with data security are being evaluated and will be improved.

Cyberattack on CardioComm Solutions Inc

CardioComm Solutions Inc., a Canadian cardiac monitoring software firm, has reported that a cyberattack has caused some of its IT systems to break down. As per an announcement given by the firm, the cyberattack resulted in downtime to the following services: HeartCheck CardiBeat/GEMS Mobile ECG/RPM (record/upload) and Global Cardio 3, GEMS Flex 12, GEMS Home Flex (upload). The interruption is likely to carry on for a number of days, and possibly longer. Third-party cybersecurity specialists investigated the cyberattack to find out the scope of sensitive information affected. Customer information is not affected as CardioComm doesn’t gather customer information, and its software program works on every customer’s server environment; nevertheless, employee information might have been exposed. Affected employees received identity theft protection services as a safety measure.

About the Author

Elizabeth Hernandez
Elizabeth Hernandez is the editor of HIPAA News. Elizabeth is an experienced journalist who has worked in the healthcare sector for several years. Her expertise is not limited to general healthcare reporting but extends to specialized areas of healthcare compliance and HIPAA compliance. Elizabeth's knowledge in these areas has made her a reliable source for information on the complexities of healthcare regulations. Elizabeth's contribution to the field extends to helping readers understand the importance of patient privacy and secure handling of health information. Elizabeth holds a postgraduate degree in journalism. You can follow Elizabeth on twitter at