Almerys
January 31, 2024
•[ hack, healthcare ]
French healthcare services firm Almerys also suffers a cyberattack that exposed the data of policyholders and healthcare professionals in the country. The combination of the two breaches compromises the information of 33 million individuals.
Viamedis
January 31, 2024
•[ leak, healthcare ]
French healthcare services firm Viamedis suffers a cyberattack that exposed the data of policyholders and healthcare professionals in the country.
University of Chicago Medical Center
January 30, 2024
•[ social, phishing, healthcare ]
The University of Chicago Medical Center reveals that a phishing incident involving the emails of workers at University of Chicago Medical Center may have exposed the personal information of about 10,300 people.
Des Moines Orthopaedic Surgeons
January 24, 2024
•[ hack, healthcare ]
Des Moines Orthopaedic Surgeons (DMOS) files a notice of data breach after discovering that an unauthorized actor was able to access the companys computer network.
BrightStar Care
January 24, 2024
•[ ransomware, malware, healthcare ]
The ALPHV/BlackCat ransomware gang claims responsibility for ransomware attack to BrightStar Care. The same day another group Sieged Sec claims to have breached the same organization.
Unknown Healthcare organization in Thailand
January 22, 2024
•[ leak, misconfiguration, healthcare ]
A threat actor named Soni posts a leaked database related to healthcare. The data breach consists of 25.5k records of user information including ID, user URL, encrypted passwords (phpass), user emails, login details, account status, display names, registration dates, and user activation keys.
Grace Lutheran Foundation
January 22, 2024
•[ ransomware, malware, healthcare ]
Grace Lutheran Foundation, d/b/a Grace Lutheran Communities posts a notice about a data breach discovered on January 22, 2024. The same day the ALPHV/BlackCat ransomware gang claims responsibility for the attack.
Hypertension-Nephrology Associates
January 20, 2024
•[ leak, healthcare ]
Pennsylvania medical practice Hypertension Nephrology Associates over the past week notified 39,491 people of a January data breach that compromised patient names, Social Security numbers, and health insurance ID numbers, among other data.
Columbus Regional Healthcare System
January 19, 2024
•[ hack, healthcare ]
Columbus Regional Healthcare System (CRHS) files a notice of data breach after discovering that hackers were able to remove personal information from the companys computer network.
Community Memorial Healthcare
January 18, 2024
•[ hack, healthcare ]
Community Memorial Healthcare (CMH) files a notice of data breach after discovering that an unauthorized party had accessed the companys IT network.
Signature Performance
January 18, 2024
•[ hack, healthcare ]
Signature Performance files a notice of data breach after learning that an unauthorized party was able to access the companys IT network.
Alpha Supported Living Services
January 12, 2024
•[ social, phishing, healthcare ]
Alpha Supported Living Services (Alpha) files a notice of data breach after discovering that the organization was the recent victim of a phishing attack.
Water for People
January 11, 2024
•[ ransomware, malware, healthcare ]
The ransomware-as-a-service gang Medusa lists Water for People on its darknet site, threatening to publish stolen information unless the nonprofit pays a $300,000 extortion fee.
TriZetto Provider Solutions,
January 11, 2024
•[ data leak, healthcare ]
TriZetto Provider Solutions, a Cognizant-owned vendor providing revenue management services to healthcare organizations, reported a cybersecurity incident affecting a customer web portal. TriZetto identified suspicious portal activity on 10/02/2025, secured the portal, and engaged Mandiant to investigate and validate remediation. Forensic work determined an unauthorized third party had been accessing historical eligibility transaction reports within TriZetto systems since November 2024, nearly a year before detection. The reports contained protected health information for patients of certain healthcare provider clients. TriZettos review determined compromised data could include patient and primary insured names combined with other personal and insurance information such as addresses, dates of birth, Social Security numbers, member/Medicare numbers, insurer names, and related demographic health and coverage details. TriZetto stated it believed the actor had been eradicated and no further unauthorized portal activity was detected after 10/02/2025; the total number of affected clients/individuals was not yet publicly confirmed.
Medjet
January 9, 2024
•[ hack, healthcare ]
Medjet and Medjet Assist (Medjet) file a notice of data breach after discovering that information that had been entrusted to the company was subject to unauthorized access.
CINQ CARE
January 4, 2024
•[ leak, healthcare ]
CINQ CARE files a notice of data breach after discovering that a cybersecurity incident compromised information contained on the companys computer network.
X account of nonprofit consortium ‘The Green Grid'
January 3, 2024
•[ hack, phishing, healthcare ]
The X (formerly Twitter) account of nonprofit consortium The Green Grid' is hijacked to promote a cryptocurrency scam.
NHS Dumfries and Galloway
January 1, 2024
•[ hack, healthcare ]
cyber attack
Medusind Solutions
December 29, 2023
•[ data leak, healthcare ]
Medusind Solutions, a healthcare billing and revenue cycle management provider, suffered a data breach on December 29, 2023, when unauthorized actors accessed its systems and exfiltrated sensitive patient data. Compromised data included names, addresses, insurance details, and other medical information of patients from multiple provider clients. The company disclosed the breach on January 10, 2024. There was no service disruption reported, but patient data privacy was significantly impacted.
Mountain Dermatology Specialists
December 28, 2023
•[ hack, phishing, healthcare ]
Mountain Dermatology Specialists reports an email account breach that was detected on October 26, 2023.
