Data Breaches at Granite Wellness Centers, Texas Spine Consultants, Southern California Center for Anti-Aging and Gastroenterology Consultants

PHI of 15,600 Patients Likely Affected in Ransomware Attack at Granite Wellness Centers

Granite Wellness Centers located in Northern California encountered a ransomware attack last January 5, 2021 resulting in patient information encryption. The center discovered the attack as it was happening and had the systems taken down to stop the data exfiltration.

There was a ransom demand given, however, Granite Wellness Centers did not pay for any ransom. All encrypted files were recovered from backups. An evaluation of the systems impacted showed they comprised patient details including names, dates of birth, dates of service, treatment and health details, treatment provider, and medical insurance provider name.

Granite Wellness Centers didn’t get any report that shows the misuse of patient data; nonetheless, affected persons were instructed to keep an eye on their accounts and explanation of benefits statements for doubtful transactions. Extra safety measures are being implemented to avoid more cyberattacks and to safeguard information placed on its systems.

The PHI of up to 15,600 persons was possibly affected in the attack.

25,728 Texas Spine Consultants Patients Affected by Security Breach

Texas Spine Consultants based in Addison, TX identified a security incident that concluded in the unintentional disclosure of the PHI of 25,728 individuals. The security breach took place on December 2, 2020 and remains under investigation, yet it doesn’t look like the breach was associated to cybercriminals or criminal actions.

The information accidentally disclosed just involved patients’ names, birth dates, and picture scans. Texas Spine Consultants has informed impacted people by mail and has offered data to help them secure themselves against bogus activity. More privacy and security actions were put in place to avert even more data breaches down the road.

Email Account Breach at Southern California Center for Anti-Aging

The Southern California Center for Anti-Aging based in Torrance, CA has found out that an unauthorized person acquired access to the email account of an employee and might have accessed or downloaded patient data.

The breach was discovered on December 9, 2020 and email account access was promptly blocked. An evaluation of the affected account showed that it comprised patient names together with some clinical data related to the care given at the Southern California Center for Anti-Aging.

The provider has put in place more security procedures to stop more breaches later on and notified all affected persons by mail.

Potential Theft of Patients’ PHI in Gastroenterology Consultants Hacking Incident

Gastroenterology Consultants based in Reno, NV is informing 2,500 patients concerning a data security incident that happened last December 8, 2020. A hacker obtained access to a server and possibly acquired files made up of patient names, contact phone numbers, addresses, and other personally identifiable information.

A third-party security company performed a forensic investigation and it seems that the hacker exfiltrated files from the server. Further cybersecurity procedures have already been enforced to avoid more breaches down the road.

About the Author

Elizabeth Hernandez
Elizabeth Hernandez is the editor of HIPAA News. Elizabeth is an experienced journalist who has worked in the healthcare sector for several years. Her expertise is not limited to general healthcare reporting but extends to specialized areas of healthcare compliance and HIPAA compliance. Elizabeth's knowledge in these areas has made her a reliable source for information on the complexities of healthcare regulations. Elizabeth's contribution to the field extends to helping readers understand the importance of patient privacy and secure handling of health information. Elizabeth holds a postgraduate degree in journalism. You can follow Elizabeth on twitter at