Data Breaches at Arizona Asthma and Allergy Institute, Nebraska Department of Health and Human Services and Stillwater Medical Center

Arizona Asthma and Allergy Institute mailed breach notification letters to 70,372 individuals who acquired services from October 1, 2015 to June 15, 2020.

In accordance with the breach notice, a variety of their personal information and protected health information (PHI) which include names, patient ID numbers, medical care provider names, medical insurance details, and treatment cost data was exposed on the web under the name of some other company for a short period of time in September 2020.

After getting a notification concerning the exposed data, a third-party forensics firm was employed to look into the breach. The investigation finished on March 8, 2021 and affirmed that PHI was compromised. got in touch with Arizona Asthma and Allergy Institute to inform them regarding the breach, which was a ransomware attack executed by the Maze ransomware operation. Sensitive records acquired during the breach were shared to the Maze Group’s information leak webpage for a short while in September using the Medical Management Inc name.

Nebraska Department of Health and Human Services Notifies Folks Regarding Privacy Breach

The Nebraska Department of Health and Human Services has discovered a software malfunction that contributed to the sending of individuals’ telephone numbers and incomplete Social Security numbers to a 3rd party in April 2021.

The HHS learned about the privacy breach on April 9, 2021 and has already sent notification letters to roughly 500 persons. As per the HHS, the nature of information and the person to whom it was delivered – someone in the State of Nebraska – makes the possibility of identity theft or fraudulence minimal.

Short-term steps have been utilized to resolve the program malfunction as the HHS explores for a more long-term solution.

Stillwater Medical Center Looks into Security Breach

Stillwater Medical Center located in Oklahoma has started an investigation into a security breach impacting particular information systems. In a Facebook posting on June 14, 2021, Stillwater Medical Center mentioned that a breach took place on June 13, 2021 and it promptly de-activated its systems while the occurrence investigation was in progress. A third-party computer forensics organization is helping with the inquiry. Systems will be back on the internet without delay.

Currently, the investigation is still in the beginning phase however, there is no proof identified that suggests the exposure of any patient data. More facts concerning the incident will be presented as soon as it is offered.


About the Author

Elizabeth Hernandez
Elizabeth Hernandez is the editor of HIPAA News. Elizabeth is an experienced journalist who has worked in the healthcare sector for several years. Her expertise is not limited to general healthcare reporting but extends to specialized areas of healthcare compliance and HIPAA compliance. Elizabeth's knowledge in these areas has made her a reliable source for information on the complexities of healthcare regulations. Elizabeth's contribution to the field extends to helping readers understand the importance of patient privacy and secure handling of health information. Elizabeth holds a postgraduate degree in journalism. You can follow Elizabeth on twitter at