On September 3, 2021, Howard University College of Dentistry learned that unauthorized people had acquired access to its network and employed ransomware to encrypt files. The university made an announcement shortly after the attack that it was compelled to call off online and hybrid classes during the time its systems were fixed, and that a nationally recognized computer forensics organization was hired to look into the incident to know the magnitude of the attack and whether or not sensitive records were accessed or stolen.
The university affirmed on September 24, 2021 that a system storing the dental records of patients was impacted during the attack. There was no particular evidence of unauthorized access or files exfiltration found, even though dental records were encrypted. The encrypted files relating to dental sessions between October 5, 2019, and September 3, 2021, and included data like names, contact details, dates of birth, dental record numbers, health insurance details, dental history data, and Social Security numbers for a limited number of patients.
The university has notified all affected patients via mail and instructed them to check their account statements for any hint of fake activity and explained it has even further boosted its cybersecurity steps to better safeguard against pending cyberattacks and security breaches.
Howard University College of Dentistry fairly recently submitted the breach report to the HHS’ Office for Civil Rights indicating that up to 80,915 patients were affected.
PHI of Great Plains Manufacturing Health Plan Members Exposed in Cyberattack
Great Plains Manufacturing based in Kansas has advised 4,110 workers that their protected health information (PHI) was potentially compromised because of a cyberattack that was uncovered on October 11, 2021.
The investigation established that unauthorized persons first obtained access to its systems on September 28, 2021, and had access up to October 11, 2021, when the company discovered the breach and evicted the attackers from its system. An evaluation of the breached file server showed on November 1, 2021, that the accessed files comprised data including names, Social Security numbers, birth dates, medical insurance numbers, and members’ health plan options.
The breach just impacted personnel and their dependents who get the Great Plains Manufacturing, Inc. Employee’s Beneficiary Association Trust health plan coverage. The organization sent notifications to affected persons on December 1, 2021, and all impacted people were given one-year of free identity theft monitoring services.