LifeLong Medical Care & Beaumont Health Patients Affected by Data Breaches at Business Associates

LifeLong Medical Care, a California healthcare provider serving patients in Contra Costa, Alameda, and Marin Counties, has notified a number of patients that their protected health information (PHI) was affected in a ransomware attack on its third-party vendor, Netgain Technologies.

Netgain Technologies identified a data breach on November 24, 2020 that involved ransomware. An internal investigation into the breach established on February 25, 2021 that the attackers had gained access to files containing its clients' data. The attackers initially accessed its systems on November 15, 2020.

LifeLong Medical Care stated that it launched an extensive investigation into the security breach and determined on August 9, 2021 that the personal information and PHI of patients had been viewed and/or copied from Netgain’s system. Impacted patients had their full name compromised together with at least one of these data elements: Social Security number, birth date, patient cardholder number, and/or treatment and diagnosis details.

Affected individuals began to be notified of the breach on August 24, 2021, 9 months after the breach occurred. LifeLong Medical Care said it isn’t aware of any incidents of identity theft or inappropriate use of patient information due to the incident, but it has advised patients whose Social Security number was breached to take up the free credit monitoring services.

LifeLong Medical Care mentioned in its August 24, 2021 breach notification letter that it is dedicated to the protection of information, and is working together with third-party vendors to improve security and monitoring.

The HHS’ Office for Civil Rights breach website has yet to list the breach, so it is currently unclear how many people were impacted.

Beaumont Health Patients’ PHI Exposed Because of the January 2021 Accellion Data Breach

Beaumont Health, the largest healthcare service company in Michigan, reported on August 27, 2021 that the PHI of a number of its patients was exposed in the extortion attack on Accellion in January 2021. Beaumont Health stated it was informed by Goodwin Procter LLP on February 5, 2021 that patient records were exposed in the attack. Goodwin Procter had used the Accellion File Transfer Appliance to transfer large files among clients, one of which was Beaumont Health.

Goodwin Procter had obtained files containing the personal data and PHI of Beaumont Health patients in connection with the legal services provided by the law firm. The breach investigation confirmed that records on the Accellion appliance were acquired by the attacker on January 20, 2021 after exploiting a vulnerability. The threat actor, who had an association with the Clop ransomware gang, then attempted to extort funds to stop the release or sale of the stolen information.

Beaumont Health stated, “Goodwin advised Beaumont regarding the Accellion security incident right after learning that the data taken by the threat actor may have comprised Beaumont patient details. Beaumont consequently performed its own independent evaluation of the data affected by the Accellion incident and uncovered on June 28, 2021 that the affected details included some patient health data of several Beaumont patients.”

The PHI of around 1,500 patients was affected in the breach, which involved patient names, procedure names, doctor names, dates of service, and internal medical record numbers.

Beaumont Health stated it has not received any reports of misuse of that information, and the same is the case for Goodwin Procter. Goodwin Procter sent breach notification letters to impacted persons on behalf of Beaumont Health starting on August 27, 2021. Goodwin Procter said it has stopped using the Accellion File Transfer Appliance and is currently further analyzing its data security guidelines and processes.

This is the most recent in a chain of data breaches to impact Beaumont Health. At the end of 2019, Beaumont Health identified a 20-month insider data breach that impacted 1,182 patients. It then reported a phishing attack in April 2020 that affected 112,000 patients, and another phishing-related breach was reported in July 2020 as affecting 6,000 individuals.