Several health systems have reported data breach incidents that have compromised patient data and IT systems during June.
Here are 11 cyberattacks as reported by Becker's during June.
- Oakland, Calif.-based Alameda Health System reported that a data breach potentially exposed the protected health information of 90,000 patients. The health system told Becker's that an unauthorized user was able to remotely gain access to the email accounts, which contained patients' personal health information.
- BJC HealthCare notified patients that an unauthorized user had gained access to email accounts of BJC physicians and resident physicians between March 4 and March 28. The emails contained the protected health information of an unknown number of patients.
- Yuma (Ariz.) Regional Medical Center notified patients about a ransomware attack that forced the hospital offline and potentially exposed the protected health information of patients. The hospital learned that a ransomware attack had affected its internal systems between April 21 and April 25. An investigation later determined that an unauthorized user had removed files from the hospital's system that included patient health information.
- Kaiser Permanente learned that an unauthorized user gained access to an employee's email account on April 5. The emails contained protected health information of 69,589 patients. Kaiser Permanente said it has found no evidence that the information was accessed or misused.
- Omaha, Neb.-based CHI Health notified patients of a data breach that occured at its clinical guidance vendor, MCG Health, which potentially exposed the protected health information of patients. The number of affected patients is unknown.
- A data breach at MCG Health also exposed the protected health information of 900 patients at Avera McKennan Hospital & University Health Center.
- UChicago Medicine notified patients that an unauthorized user had access to some employee email accounts, putting protected health information of patients at risk. The health system learned March 24 that an unauthorized user had access to several employee email accounts, and that access lasted until March 31. The HHS data breach portal reported that 2,568 patients have been affected by the email breach.
- The IT networks at San Antonio, Texas-based Baptist Medical Center and New Braunfels, Texas-based Resolute Health Hospital were infected by malicious code that allowed an unauthorized user to access the personal health information of some patients. The number of affected patients is unknown.
- On June 17, Yale New Haven (Conn.) Hospital informed patients that radiology files, which contained protected health information for research, were accidentally posted on the health system's website for four months. The health system has launched an investigation into the incident.
- Texas Tech University Health Science Center notified patients of a data breach that occured at its eye care software vendor, Eye Care Leaders, which exposed the protected health information of more than 1.2 million patients. The same breach has also affected eight eye care practices.
- Kinston, N.C.-based UNC Lenoir Health Care notified patients of a data breach that occured at its clinical guidance software vendor, MCG Health, which has exposed the protected health information of patients at its health system. The number of affected patients is unknown.