55,000 there, 190,000 there, 1.8 million there, and the breaches roll on…
Taylor Regional Hospital in Kentucky recently notified 190,209 patients of breach that they identified in January. An investigation determined that an unauthorized person had gained access to their network between November 2, 2021 and January 19, 2022, and obtained certain files from their systems containing patients’ names, and one or more of the following: address, date of birth, Social Security number, insurance information, medical record number, and/or clinical information related to care received at Taylor Regional. Their website notice does not indicate that they are offering those affected any monitoring or mitigation purposes.
In Indiana, Alacrity Solutions Group, LLC notified 54,674 people about a breach that involved their name, address, Social Security Number, driver’s license number, financial information (e.g. account number, credit or debit card number), medical information, and/or health insurance information. The breach occurred between March 1 and March 3, but their notice does not indicate whether this was a ransomware incident or not — only that protected health information may have been accessed or acquired.
And then there’s the Texas Department of Insurance. They informed the Texas Attorney General’s office that 1,800,000 Texas were affected by a leak involving names, addresses, dates of birth, phone numbers, parts or all of Social Security numbers, and information about injuries and workers’ compensation claims. Anyone who had claim since 2006 might be affected.
Those are just a few of the incidents I read about yesterday. Let’s see what today brings.